def pl_bg_arg(poc):
    """Run the loaded module's exploit() or payload() entry point.

    ``poc.option.mode.default`` selects the action: the literal 'exploit'
    runs ``poc.exploit()``, any other value runs ``poc.payload()``.

    Every exception raised while selecting or running the action is swallowed
    and replaced by one red "load failed" line, so the underlying error is
    never shown to the operator.
    """
    try:
        # The mode defaults to 'exploit'; it is reassigned when the user
        # chooses a payload.
        wants_exploit = poc.option.mode.default == 'exploit'
        action = poc.exploit if wants_exploit else poc.payload
        action()
    except:
        # Bare except kept on purpose: it also traps KeyboardInterrupt and
        # SystemExit raised by module code.
        print(setcolor.set_red("[!] ") + "载入失败 ")
def reload_poc():
    """Rebuild the module index and report the outcome on the console.

    Calls ``operation.pl_get_poc_name(const.PL_PWD)``.  Any exception from
    that call prints a red "reload failed" line; otherwise a green success
    line is printed.  Nothing is returned.
    """
    print(setcolor.set_yellow("[*] ") + " Reload Payloads....")
    try:
        # NOTE(review): only one argument is passed here; confirm it matches
        # the signature of operation.pl_get_poc_name in this version.
        operation.pl_get_poc_name(const.PL_PWD)
    except:
        # The cause of the failure is discarded; only the generic message
        # reaches the operator.
        print(setcolor.set_red("[!] ") + "重载模块失败")
    else:
        print(setcolor.set_green("[*] ") + "Reload Success ")
def pl_return_path(pwd, path):
    """Join *pwd* and *path* with '/' and make sure the result ends in '.py'.

    Returns the joined path unchanged when it already ends in '.py',
    otherwise the joined path with '.py' appended.  The file's existence is
    not checked here, despite the wording of the error message.
    """
    candidate = pwd + '/' + path
    # NOTE(review): the path is concatenated without normalisation, so any
    # '..' segments in *path* are carried through. Callers appear to pass
    # console input; confirm it is validated before the result is imported.
    try:
        return candidate if candidate.endswith(".py") else candidate + '.py'
    except:
        print(setcolor.set_red("[!] ") + " 加载出错,查看是否存在该模块文件 ")
def switch_shell(PL_PWD, shell_input):
    """Dispatch one command line typed at the top-level console prompt.

    A line starting with ``const.PL_USE`` selects a module: the remainder of
    the line is prefixed with ``const.PL_PAYLOAD_DIR``, checked with
    ``operation.pl_judge_file_name`` and, when accepted, handed to
    ``read_cmd_line``.  Any other line is compared against the command
    constants in ``const`` and routed to the matching helper; unknown input
    is ignored silently.
    """
    if shell_input[:3] == const.PL_USE:
        module_name = shell_input[3:].strip()
        module_rel_path = const.PL_PAYLOAD_DIR + module_name
        if module_name == "":
            return
        # NOTE(review): module_name is raw console input. This function
        # relies entirely on pl_judge_file_name to reject names that point
        # outside the module tree - confirm that it does.
        if not operation.pl_judge_file_name(PL_PWD, module_rel_path):
            print(setcolor.set_red("[!] ") + "没有找到此模块 => " + module_name)
            return
        first_name = ch.pl_path_split_first_name(module_name)
        end_name = ch.pl_path_split_end_name(module_name)
        module_file = ch.pl_return_path(PL_PWD, module_rel_path)
        read_cmd_line(PL_PWD, module_rel_path, module_file, first_name,
                      end_name)
        return

    if shell_input == const.PL_SHOW:
        operation.pl_show_all_poc_info(PL_PWD)
    elif shell_input == const.PL_SHOW_PAYLOAD:
        operation.pl_show_payloads(PL_PWD)
    elif shell_input == const.PL_SHOW_EXPLOIT:
        operation.pl_show_exploits(PL_PWD)
    elif shell_input == const.PL_SHOW_HANDLER:
        operation.pl_show_handlers(PL_PWD)
    elif shell_input == const.PL_SHOW_SCANNER:
        operation.pl_show_scanners(PL_PWD)
    elif shell_input == const.PL_HELP or shell_input == "?":
        usage()
    elif shell_input[:6] == const.PL_SEARCH:
        keyword = shell_input[6:].strip()
        if keyword:
            operation.print_poc_name_info(PL_PWD, keyword)
    elif shell_input == const.PL_EXIT:
        sys.exit()
    elif shell_input == const.PL_VERSION:
        ch.pl_show_version(PL_PWD)
    elif (shell_input == const.PL_LINUX_CLEAR
          or shell_input == const.PL_WINDOWS_CLS):
        operation.pl_clsc()
    elif shell_input == const.PL_OS_SHELL:
        operation.pl_os_shell()
    elif shell_input == const.PL_LOAD:
        # Imported lazily, only when the third-party tool loader is requested.
        import pl_load_tool as load
        load.exec_load(PL_PWD)
    elif shell_input == const.PL_RELOAD_POC:
        ch.reload_poc()
def pl_show_poc_info(PL_POC_FILE):
    """Print whatever ``getinfo.import_poc`` returns for a module file.

    '.py' is appended to *PL_POC_FILE* when it is missing.  Any exception is
    swallowed and replaced by a red "error loading file info" line.
    """
    try:
        module_file = PL_POC_FILE
        if module_file[-3:] != ".py":
            module_file = module_file + '.py'
        # NOTE(review): import_poc presumably loads (and so executes) the
        # file; confirm that callers only pass paths inside the module tree.
        print(getinfo.import_poc(module_file))
    except:
        print(setcolor.set_red("[!] ") + "加载文件信息出错 ")
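def read_tool_env(PL_PWD):
    """Print the third-party tool names stored in ``logs/third_tool.ini``.

    The file under *PL_PWD* is read line by line and each entry is printed
    with a leading tab, after the ``print_tools()`` header and followed by a
    blank line.  If the file cannot be opened a red error line is printed
    and the function returns.

    The handle is now closed in a ``finally`` block, so it is released even
    when ``print_tools()`` or the printing raises.
    """
    try:
        f = open(PL_PWD + "/logs/third_tool.ini", 'r')
    except Exception:
        print(setcolor.set_red('[!] ') + u"工具载入失败")
        return
    try:
        print_tools()
        for entry in f.readlines():
            print("\t" + entry.replace('\n', ""))
        # Blank separator line after the listing.
        print("")
    finally:
        f.close()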
def pl_bg_arg(poc):
    """Run the module and, when a listener is enabled, its payload module too.

    In 'exploit' mode ``poc.exploit()`` always runs; if
    ``poc.handler.listen == True`` was observed beforehand,
    ``poc.handler.payload_fun.exploit()`` runs afterwards.  In any other
    mode ``poc.payload()`` runs.  Every exception is swallowed and reported
    as a single red "execution failed" line.
    """
    try:
        # The mode defaults to 'exploit'; it is reassigned when the user
        # chooses a payload.
        exploit_mode = poc.option.mode.default == 'exploit'
        if not exploit_mode:
            poc.payload()
            return
        # Listener state is sampled before the exploit runs, matching the
        # original evaluation order.
        listening = poc.handler.listen == True
        poc.exploit()
        if listening:
            poc.handler.payload_fun.exploit()
    except:
        # Bare except kept: it also traps KeyboardInterrupt from module code.
        print(setcolor.set_red("[!] ") + "执行失败 ")
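def save_tool_env(PL_PWD):
    """Rewrite ``logs/third_tool.ini`` with the sub-directories of the tool dir.

    Every entry of ``PL_PWD + c.PL_TOOL_DIR`` that is not a regular file is
    written to the index, one name per line.  If the index cannot be opened
    a red error line is printed and the function returns.

    The handle is now closed in a ``finally`` block; previously a failing
    ``os.listdir`` left the freshly truncated file open.
    """
    try:
        f = open(PL_PWD + "/logs/third_tool.ini", 'w+')
    except Exception:
        print(setcolor.set_red('[!] ') + u"工具载入失败")
        return
    try:
        path = PL_PWD + c.PL_TOOL_DIR
        for d in os.listdir(path):
            # Anything that is not a regular file is recorded as a tool.
            if not os.path.isfile(path + '/' + d):
                f.write(d + '\n')
    finally:
        f.close()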
def pl_bg_arg(poc):
    """Run the module and, when a listener is enabled, dispatch its handler.

    In 'exploit' mode ``poc.exploit()`` always runs; if
    ``poc.handler.listen == True`` was observed beforehand,
    ``judgeHandler.judge_str(poc.handler.payload_handler)`` is called
    afterwards.  In any other mode ``poc.payload()`` runs.  Every exception
    is swallowed and reported as a single red "execution failed" line.
    """
    try:
        # The mode defaults to 'exploit'; it is reassigned when the user
        # chooses a payload.
        exploit_mode = poc.option.mode.default == 'exploit'
        if not exploit_mode:
            poc.payload()
            return
        # Listener state is sampled before the exploit runs, matching the
        # original evaluation order.
        listening = poc.handler.listen == True
        poc.exploit()
        if listening:
            # Select the listener module from the configured handler.
            # Author's note: the direct poc.handler.payload_fun.exploit()
            # call is disabled pending a bug fix.
            judgeHandler.judge_str(poc.handler.payload_handler)
    except:
        # Bare except kept: it also traps KeyboardInterrupt from module code.
        print(setcolor.set_red("[!] ") + "执行失败 ")
def pl_get_poc_option(PL_POC_FILE):
    """Return the ``option`` attribute of the module loaded from a file.

    '.py' is appended to *PL_POC_FILE* when it is missing.  Returns ``None``
    when ``getinfo.import_pocs`` yields ``None`` or when anything raises; in
    the latter case a red "error loading file info" line is printed.
    """
    try:
        has_suffix = PL_POC_FILE[-3:] == ".py"
        module_file = PL_POC_FILE if has_suffix else PL_POC_FILE + '.py'
        loaded = getinfo.import_pocs(module_file)
        # Equality (not identity) comparison kept from the original.
        if loaded == None:
            return None
        return loaded.option
    except:
        print(setcolor.set_red("[!] ") + "加载文件信息出错 ")
def pl_run_poc(poc):
    """Run the module, then verify that its result can be serialised to JSON.

    ``pl_bg_arg(poc)`` performs the run.  Afterwards
    ``poc.result.to_python()`` is wrapped in a list and passed to
    ``json.dumps``; the JSON text is discarded, so the call only serves as a
    serialisability check.  On failure a red message and the exception are
    printed.
    """
    pl_bg_arg(poc)
    try:
        json.dumps([poc.result.to_python()])
    except Exception as e:
        print(setcolor.set_red("[!] ") + ' result 序列化失败')
        print(e)
        return
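def pl_get_poc_name(PL_PWD, PL_POC_FILE):
    """Index every module file below *PL_POC_FILE* into two list files.

    Walks the tree rooted at *PL_POC_FILE* and records each ``*.py`` file
    except ``__init__.py``:

    * ``<PL_PWD>/bin/Purelove/logs/poc_name_path.pl`` receives the path with
      the *PL_PWD* prefix removed;
    * ``<PL_PWD>/bin/Purelove/logs/poc_name.pl`` receives the path as walked.

    Changes from the earlier version:

    * the suffix is taken with ``os.path.splitext``; ``name.split('.')[1]``
      raised IndexError on a file without a dot (aborting the whole scan)
      and skipped names such as ``a.b.py``;
    * both files are opened with ``with``, so they are closed exactly once,
      and the error handler no longer touches handles that may never have
      been opened.

    NOTE(review): the index only lists files. Whatever later reads it
    presumably imports them, so the module tree and the logs directory
    should not be writable by other users - confirm.
    """
    logs_dir = PL_PWD + '/bin/Purelove/logs/'
    try:
        with open(logs_dir + 'poc_name_path.pl', 'w+') as rel_index, \
                open(logs_dir + 'poc_name.pl', 'w+') as abs_index:
            for root, dirs, files in os.walk(PL_POC_FILE):
                # Strip the install prefix and the separator that follows it.
                rel_root = root.replace(PL_PWD, "")[1:]
                for name in files:
                    is_module = os.path.splitext(name)[1] == '.py'
                    if not is_module or name == '__init__.py':
                        continue
                    rel_index.write(os.path.join(rel_root, name) + '\n')
                    abs_index.write(os.path.join(root, name) + '\n')
    except Exception:
        print(setcolor.set_red("[!]") + " 加载PAYLOAD失败,请重新运行!")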
def pl_run_poc(poc):
    """Run the module, then verify that its result can be serialised to JSON.

    No listener module is set up here (the ``frame.pl_set_hander(poc)`` call
    is disabled in this version); ``pl_bg_arg(poc)`` performs the run.
    Afterwards ``poc.result.to_python()`` is wrapped in a list and passed to
    ``json.dumps``.  The JSON text is discarded, so the call only serves as
    a serialisability check.  On failure a red message and the exception are
    printed.
    """
    pl_bg_arg(poc)
    try:
        serialisable = [poc.result.to_python()]
        json.dumps(serialisable)
    except Exception as e:
        print(setcolor.set_red("[!] ") + ' result 序列化失败')
        print(e)
        return
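def pl_show_all_poc_info(PL_PWD):
    """Print a table of every module listed in ``logs/poc_name_path.pl``.

    For each line of the index the module is loaded through
    ``getinfo.import_pocs("module/" + name)`` and one row is printed with
    its name (suffix removed), file date, ``info['severity']`` and
    ``info['name']``.  Entries that fail to load or lack those keys are
    skipped silently, as before.  If ``pl_judge_file`` rejects the index
    path a red error line is printed instead.

    Changes from the earlier version: the index is read inside a ``with``
    block.  Previously the handle was closed only when an entry failed and
    was left open on the success path.

    NOTE(review): import_pocs presumably executes each listed file, so this
    listing trusts everything named in the index; confirm the index and the
    module tree cannot be modified by other users.
    """
    index_path = PL_PWD + "/logs/poc_name_path.pl"
    if not pl_judge_file(index_path):
        print(setcolor.set_red("[!] ") + "payload加载出错")
        return

    with open(index_path) as f:
        lines = f.readlines()

    # Banner layout reconstructed; the page shows it collapsed onto one line.
    desc = '''
    PureLove Modules
    ----------------
    '''
    print(desc)
    header = " {Name:<55}{DisclosureDate:<20}{Rank:<20}{Descriptions:<40}"
    print(header.format(Name="Name",
                        DisclosureDate="Disclosure Date",
                        Rank="Rank",
                        Descriptions="Descriptions"))
    print(header.format(Name="----",
                        DisclosureDate="---------------",
                        Rank="----",
                        Descriptions="------------"))

    for poc_name in lines:
        poc_name = poc_name.replace('\n', "")
        poc_name_t = "module/" + poc_name
        try:
            # Load the module to read its metadata.
            poc = getinfo.import_pocs(poc_name_t)
            print(" {poc_name:<55}{date:<20}{severity:<20}{name:<40}".format(
                poc_name=pl_del_suffix(poc_name),
                date=pl_get_file_date(poc_name_t),
                severity=poc.info['severity'],
                name=poc.info['name']))
            print("")
        except Exception:
            # Best effort: one broken module must not hide the others.
            continue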
def pl_get_poc_option(PL_POC_FILE):
    """Load a module file and return its ``option`` attribute.

    The '.py' suffix is added to *PL_POC_FILE* when it is absent.  ``None``
    is returned when ``getinfo.import_pocs`` yields ``None`` or when
    anything raises; in the latter case a red "error loading file info"
    line is printed.
    """
    try:
        # Normalise the suffix first so that only one load path is needed.
        module_file = PL_POC_FILE
        if not module_file[-3:] == ".py":
            module_file = module_file + '.py'
        # Read the option table from the loaded module.
        loaded = getinfo.import_pocs(module_file)
        if loaded == None:
            return None
        return loaded.option
    except:
        print(setcolor.set_red("[!] ") + "加载文件信息出错 ")
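def exec_load(PL_PWD):
    """Interactive sub-prompt that lists and launches bundled third-party tools.

    Commands are lower-cased and matched against ``const``: show the tool
    list, load ``<tool>``, help, exit/quit, and reload (rebuild the list).
    ``load <tool>`` runs ``<PL_PWD>/thirdtools/<tool>/<tool>.py`` with the
    ``python`` found on PATH.

    Changes from the earlier version: the tool name used to be pasted into a
    string passed to ``os.system``, so shell metacharacters or path
    separators in the typed name reached the shell.  The name must now be a
    single path component, and the script is started from an argument list
    without a shell.
    """
    # Local import: the file's import block is not visible from here.
    import subprocess

    tool.save_tool_env(PL_PWD)
    STATUS = False
    while not STATUS:
        load = setcolor.UseStyle("load", mode='underline')
        shell_input = raw_input(load + " > ").strip().lower()
        if shell_input[:4] == const.PL_SHOW:
            tool.read_tool_env(PL_PWD)
        elif shell_input[:4] == const.PL_LOAD:
            loads = shell_input[4:].strip()
            # Accept a bare directory name only: no separators, no '.'/'..'.
            if loads in ("", ".", "..") or os.path.basename(loads) != loads:
                print(setcolor.set_red('[-]') + u" 请输入正确命令")
                continue
            script = PL_PWD + "/thirdtools/" + loads + "/" + loads + ".py"
            print(setcolor.set_blue('[*] ') + u'Loding .....')
            # Argument list, no shell: the name is never parsed as shell
            # syntax.
            subprocess.call(["python", script])
        elif shell_input == const.PL_HELP or shell_input == "?":
            usage()
        elif shell_input == const.PL_EXIT or shell_input == "quit":
            STATUS = True
        elif shell_input == const.PL_RELOAD_POC:
            tool.save_tool_env(PL_PWD)
        else:
            print(setcolor.set_red('[-]') + u" 请输入正确命令")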
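def switch_shell(PL_PWD, shell_input):
    """Dispatch one command line typed at the top-level console prompt.

    A line starting with ``const.PL_USE`` selects a module: the remainder of
    the line is checked with ``operation.pl_judge_file_name`` and, when
    accepted, handed to ``read_cmd_line``.  Other lines are compared against
    the command constants in ``const``; unknown input and the literal
    "load" are ignored.

    Change from the earlier version: the clear-screen command always ran
    ``cls``, which only exists on Windows; it now runs ``clear`` elsewhere.
    """
    if shell_input[:3] == const.PL_USE:
        PL_POC_FILE = shell_input[3:].strip()
        if PL_POC_FILE == "":
            return
        # NOTE(review): PL_POC_FILE is raw console input. This function
        # relies entirely on pl_judge_file_name to reject names that point
        # outside the module tree - confirm that it does.
        if not operation.pl_judge_file_name(PL_PWD, PL_POC_FILE):
            print(setcolor.set_red(" [!] ")
                  + "没有找到此模块 => ".decode('utf-8') + PL_POC_FILE)
            return
        poc_re = PL_POC_FILE
        poc_module_path_first_name = ch.pl_path_split_first_name(PL_POC_FILE)
        poc_module_path_end_name = ch.pl_path_split_end_name(PL_POC_FILE)
        PL_POC_FILE = ch.pl_return_path(PL_PWD, PL_POC_FILE)
        read_cmd_line(PL_PWD, poc_re, PL_POC_FILE,
                      poc_module_path_first_name, poc_module_path_end_name)
        return

    if shell_input == const.PL_SHOW:
        operation.pl_show_all_poc_info(PL_PWD)
    elif shell_input == const.PL_HELP or shell_input == "?":
        usage()
    elif shell_input[:6] == const.PL_SEARCH:
        PL_POC_NAME = shell_input[6:].strip()
        if PL_POC_NAME != "":
            operation.print_poc_name_info(PL_PWD, PL_POC_NAME)
    elif shell_input == const.PL_EXIT:
        sys.exit()
    elif shell_input == const.PL_VERSION:
        ch.pl_show_version(PL_PWD)
    elif (shell_input == const.PL_LINUX_CLEAR
          or shell_input == const.PL_WINDOWS_CLS):
        # Fixed command strings only; nothing typed by the user reaches the
        # shell.
        os.system('cls' if os.name == 'nt' else 'clear')
    elif shell_input == const.PL_OS_SHELL:
        operation.pl_os_shell()
    elif shell_input == "load":
        # Recognised but not implemented in this version.
        pass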
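def _pl_blank_missing_fields(options):
    """Replace None in every option's 'default' and 'desc' field with ''."""
    for _name, spec in options.items():
        if spec['default'] is None:
            spec['default'] = ''
        if spec['desc'] is None:
            spec['desc'] = ''


def _pl_assign_option(options, key, value):
    """Set option *key* to *value*, passed through the option's 'convert'."""
    _pl_blank_missing_fields(options)
    for name, spec in options.items():
        if key != name:
            continue
        if spec['Required'] == "":
            # An empty 'Required' field marks a fixed value.
            print(setcolor.set_yellow("[-] ") + "参数为固定值,无法修改!")
        else:
            print(key + " => " + value)
            spec['default'] = spec['convert'](value)
            spec['Required'] = "yes"


def _pl_clear_option(options, name):
    """Reset option *name* to an empty default and mark it not required."""
    for opt_name, spec in options.items():
        if name == opt_name and spec['default'] != "":
            print(name + " => unset")
            spec['default'] = ""
            spec['Required'] = "no"


def read_cmd_lines(PL_PWD, poc_re, PL_POC_FILE, poc_module_path_first_name,
                   poc_module_path_end_name):
    """Interactive prompt for one loaded module (set/unset/info/run/use/back).

    The module is loaded once with ``getinfo.import_pocs(PL_POC_FILE)``.
    Lines are then read until the back command, which re-initialises
    ``poc.handler`` and returns.

    * ``set payload <name>`` resets the handler, checks the payload with
      ``operation.pl_judge_file_name``, then records and loads it and turns
      the listener flag on.
    * ``set <key> <value>`` updates the option on the payload module (when a
      listener and payload are set) and on the module itself.
    * ``unset <key>`` clears the option in the same two places.
    * info / run / exploit / show options / help delegate to ``ch`` helpers
      and ``usage``.
    * ``use <name>`` replaces the loaded module.

    Changes from the earlier version:

    * ``unset`` on payload options iterated ``option_pay`` /
      ``options_filter_pay`` but tested and modified ``option`` /
      ``option_filter``, names owned by a different loop; it now uses its
      own loop variables;
    * two message literals that the page shows split across lines are
      written as in the rest of the function;
    * the ``poc_shell == None`` tests were removed (``str.strip`` never
      returns None), and the repeated set/unset loops moved into helpers.

    NOTE(review): the page shows this function with its indentation
    collapsed. The nesting below - module options are updated whether or
    not a listener is active - is a reconstruction; confirm it against the
    original file.
    """
    poc = getinfo.import_pocs(PL_POC_FILE)
    while True:
        ple = setcolor.UseStyle("ple", mode='underline')
        poc_shell_input = raw_input(
            ple + " " + poc_module_path_first_name + "(" +
            setcolor.set_red(poc_module_path_end_name) + ") > ").strip()

        if poc_shell_input == const.PL_BACK:
            poc.handler.__init__()
            return

        if poc_shell_input[:3] == const.PL_SET:
            poc_shell = poc_shell_input[3:].strip()
            pay_shell = poc_shell_input[:11].strip()
            if pay_shell == const.PL_SET_PAYLOAD:
                poc.handler.__init__()
                # Payload name taken from the prompt; checked for existence
                # below.
                # NOTE(review): the name is console input joined into a path
                # that is then imported. Validation rests on
                # pl_judge_file_name - confirm it rejects '..' segments.
                payload_shell = (const.PL_PAYLOAD_DIR +
                                 poc_shell_input[11:].strip().lower())
                PL_STATUS = operation.pl_judge_file_name(PL_PWD,
                                                         payload_shell)
                if PL_STATUS and poc.handler.listen in (False, True):
                    if poc.handler.listen == False:
                        # Turn the module's listener flag on.
                        poc.handler.listen = True
                    poc.handler.payload = payload_shell
                    poc.handler.pwd = ch.pl_return_path(PL_PWD,
                                                        payload_shell)
                    # Load the payload module.
                    poc.handler.payload_fun = getinfo.import_pocs(
                        poc.handler.pwd)
                else:
                    print(setcolor.set_red(" [!] ")
                          + "没有找到此模块 => ".decode('utf-8') + poc_shell)
            else:
                try:
                    poc_shells = poc_shell.split(" ")
                    option_key = poc_shells[0]
                    # A missing value raises IndexError, reported below.
                    option_value = poc_shells[1]
                    if poc.handler.listen == True and poc.handler.payload != "":
                        _pl_assign_option(poc.handler.payload_fun.option,
                                          option_key, option_value)
                    _pl_assign_option(poc.option, option_key, option_value)
                except Exception:
                    print(setcolor.set_red("[!] ") + "参数设置错误")
        elif poc_shell_input == const.PL_INFO:
            ch.pl_show_poc_info(PL_POC_FILE)
            ch.pl_show_poc_infos(poc)
        elif (poc_shell_input == const.PL_RUN
              or poc_shell_input == const.PL_EXPLOIT):
            ch.pl_run_poc(poc)
        elif poc_shell_input == const.PL_SHOW_OPTIONS:
            ch.pl_run_poc_show(poc, poc_re)
        elif poc_shell_input == const.PL_HELP or poc_shell_input == "?":
            usage()
        elif poc_shell_input[:5] == "unset":
            try:
                poc_shell = poc_shell_input[5:].strip()
                # Payload options are cleared first when a listener is set.
                if poc.handler.listen == True and poc.handler.payload != "":
                    _pl_clear_option(poc.handler.payload_fun.option,
                                     poc_shell)
                _pl_clear_option(poc.option, poc_shell)
            except Exception:
                print(setcolor.set_red("[!] ") + "参数设置错误")
        elif poc_shell_input[:3] == const.PL_USE:
            PL_POC_FILE = const.PL_PAYLOAD_DIR + poc_shell_input[3:].strip()
            # NOTE(review): with the directory prefix already applied, this
            # test is only true when const.PL_PAYLOAD_DIR is empty.
            if PL_POC_FILE == "":
                return
            PL_STATUS = operation.pl_judge_file_name(PL_PWD, PL_POC_FILE)
            if PL_STATUS:
                poc.handler.__init__()
                poc_re = PL_POC_FILE
                poc_module_path_first_name = ch.pl_path_split_first_name(
                    PL_POC_FILE)
                poc_module_path_end_name = ch.pl_path_split_end_name(
                    PL_POC_FILE)
                PL_POC_FILE = ch.pl_return_path(PL_PWD, PL_POC_FILE)
                poc = getinfo.import_pocs(PL_POC_FILE)
            else:
                print(setcolor.set_red(" [!] ")
                      + "没有找到此模块 => ".decode('utf-8') + PL_POC_FILE)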
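def read_cmd_lines(PL_PWD, poc_re, PL_POC_FILE, poc_module_path_first_name,
                   poc_module_path_end_name):
    """Interactive prompt for one loaded module (set/unset/info/run/use/back).

    The module is loaded once with ``getinfo.import_pocs(PL_POC_FILE)``.
    Lines are then read until the back command, which returns to the caller.

    * ``set <key> <value>`` stores the value, passed through the option's
      own 'convert' callable, and marks the option required.
    * ``unset <key>`` echoes the key, then clears a non-empty default.
    * info / run / exploit / show options / help delegate to ``ch`` helpers
      and ``usage``.
    * ``use <name>`` replaces the loaded module; an empty name leaves the
      prompt.

    The listener shell (``set payload ...``) is not implemented in this
    version.

    Changes from the earlier version: two message literals that the page
    shows split across lines are written as in the rest of the function;
    the ``poc_shell == None`` test was removed (``str.strip`` never returns
    None); the handlers catch ``Exception`` rather than everything.

    NOTE(review): the page shows this function with its indentation
    collapsed; the nesting below is a reconstruction to be confirmed
    against the original file.
    """
    poc = getinfo.import_pocs(PL_POC_FILE)
    while True:
        ple = setcolor.UseStyle("ple", mode='underline')
        prompt = (ple + " " + poc_module_path_first_name + "(" +
                  setcolor.set_red(poc_module_path_end_name) + ") > ")
        poc_shell_input = raw_input(prompt).strip()

        if poc_shell_input == const.PL_BACK:
            return

        if poc_shell_input[:3] == const.PL_SET:
            poc_shell = poc_shell_input[3:].strip()
            try:
                poc_shells = poc_shell.split(" ")
                option_key = poc_shells[0]
                # A missing value raises IndexError, reported below.
                option_value = poc_shells[1]
                # Normalise every option before searching for the key.
                for option, option_filter in poc.option.items():
                    if option_filter['default'] is None:
                        option_filter['default'] = ''
                    if option_filter['desc'] is None:
                        option_filter['desc'] = ''
                for option, option_filter in poc.option.items():
                    if option_key != option:
                        continue
                    if option_filter['Required'] == "":
                        # An empty 'Required' field marks a fixed value.
                        print(setcolor.set_yellow("[-] ")
                              + "参数为固定值,无法修改!")
                    else:
                        print(option_key + " => " + option_value)
                        option_filter['default'] = option_filter['convert'](
                            option_value)
                        option_filter['Required'] = "yes"
            except Exception:
                print(setcolor.set_red("[!] ") + "参数设置错误")
        elif poc_shell_input == const.PL_INFO:
            ch.pl_show_poc_info(PL_POC_FILE)
        elif (poc_shell_input == const.PL_RUN
              or poc_shell_input == const.PL_EXPLOIT):
            ch.pl_run_poc(poc)
        elif poc_shell_input == const.PL_SHOW_OPTIONS:
            ch.pl_run_poc_show(poc, poc_re)
        elif poc_shell_input == const.PL_HELP or poc_shell_input == "?":
            usage()
        elif poc_shell_input[:5] == "unset":
            try:
                poc_shell = poc_shell_input[5:].strip()
                print(poc_shell)
                for option, option_filter in poc.option.items():
                    if poc_shell == option and option_filter['default'] != "":
                        print(poc_shell + " => unset")
                        option_filter['default'] = ""
                        option_filter['Required'] = "no"
            except Exception:
                print(setcolor.set_red("[!] ") + "参数设置错误")
        elif poc_shell_input[:3] == const.PL_USE:
            PL_POC_FILE = poc_shell_input[3:].strip()
            if PL_POC_FILE == "":
                return
            # NOTE(review): the module name is console input that is joined
            # into a path and imported. Validation rests on
            # pl_judge_file_name - confirm it rejects '..' segments.
            PL_STATUS = operation.pl_judge_file_name(PL_PWD, PL_POC_FILE)
            if PL_STATUS:
                poc_re = PL_POC_FILE
                poc_module_path_first_name = ch.pl_path_split_first_name(
                    PL_POC_FILE)
                poc_module_path_end_name = ch.pl_path_split_end_name(
                    PL_POC_FILE)
                PL_POC_FILE = ch.pl_return_path(PL_PWD, PL_POC_FILE)
                poc = getinfo.import_pocs(PL_POC_FILE)
            else:
                print(setcolor.set_red(" [!] ")
                      + "没有找到此模块 => ".decode('utf-8') + PL_POC_FILE)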
def pl_show_poc_infos(poc_options):
    """Pass the module's option items to ``pl_poc_info_show`` for display.

    Any exception, including a missing ``option`` attribute, is swallowed
    and replaced by a red "error loading file parameters" line.
    """
    try:
        option_pairs = poc_options.option.items()
        pl_poc_info_show(option_pairs)
    except:
        print(setcolor.set_red("[!] ") + "加载文件参数出错 ")
print('\t{poc_severity}'.format(poc_severity = poc.info.get('severity', ''))) print(u'[漏洞类别]') print('\t{poc_type}'.format(poc_type = poc.info.get('type', ''))) print(u'[相关引用]') for each_ref in poc.info.get('ref', {}): if not each_ref: return ref_key = each_ref.keys()[0] print('\t* {ref_key}: {ref_value}'.format(ref_key = ref_key, ref_value = each_ref.get(ref_key).strip())) poc.result.status = False elif poc.result.exp_status: poc.result.exp_status = False else: print setcolor.set_red("[-] ") + " 目标不存在漏洞" def pl_get_poc_option(PL_POC_FILE): try: if PL_POC_FILE[-3:] == ".py": poc_option = getinfo.import_pocs(PL_POC_FILE) if poc_option == None: pass else: return poc_option.option else: PL_POC_FILE = PL_POC_FILE + '.py' poc_option = getinfo.import_pocs(PL_POC_FILE) if poc_option == None: pass else: return poc_option.option