예제 #1
def pl_bg_arg(poc):
    """Run the loaded module in the mode named by its ``mode`` option.

    Calls ``poc.exploit()`` when ``poc.option.mode.default`` equals
    ``'exploit'`` and ``poc.payload()`` otherwise. Any exception raised while
    reading the option or running the module is swallowed and reported on the
    console as a load failure; nothing is returned.
    """
    try:
        # 'exploit' is the default mode; a user-selected payload replaces it.
        wants_exploit = poc.option.mode.default == 'exploit'
        action = poc.exploit if wants_exploit else poc.payload
        action()
    except:
        # NOTE(review): the bare except also hides KeyboardInterrupt and the
        # underlying error, so a failed run leaves no diagnostic trail.
        print(setcolor.set_red("[!] ") + "载入失败 ")
예제 #2
def reload_poc():
    """Rebuild the module index and report the outcome on the console.

    Delegates to ``operation.pl_get_poc_name(const.PL_PWD)``. Any exception
    raised by that call is reported as a reload failure instead of
    propagating; the success line is printed only when the call returns.
    """
    print(setcolor.set_yellow("[*] ") + " Reload Payloads....")
    try:
        operation.pl_get_poc_name(const.PL_PWD)
    except:
        print(setcolor.set_red("[!] ") + "重载模块失败")
    else:
        print(setcolor.set_green("[*] ") + "Reload Success ")
예제 #3
def pl_return_path(pwd, path):
    """Join *pwd* and *path* with '/' and ensure the result ends in '.py'.

    Returns the joined path, with '.py' appended when the last three
    characters are not already '.py'. If the suffix handling raises, an error
    line is printed and None is returned implicitly.
    """
    # NOTE(review): path is concatenated verbatim; nothing here rejects '..'
    # segments or absolute paths, so callers must validate it before the
    # result is used to load a module file.
    candidate = pwd + '/' + path
    try:
        has_suffix = candidate[-3:] == ".py"
        return candidate if has_suffix else candidate + '.py'
    except:
        print(setcolor.set_red("[!] ") + " 加载出错,查看是否存在该模块文件 ")
예제 #4
def switch_shell(PL_PWD, shell_input):
    """Dispatch one command line entered at the top-level console prompt.

    A line whose first three characters equal ``const.PL_USE`` selects a
    module: the remainder is prefixed with ``const.PL_PAYLOAD_DIR``, checked
    with ``operation.pl_judge_file_name`` and, when found, handed to
    ``read_cmd_line``. Every other line is compared with the command
    constants in order and the matching helper is called. Unknown input is
    ignored. Returns None (``const.PL_EXIT`` raises SystemExit).
    """
    if shell_input[:3] == const.PL_USE:
        module_name = shell_input[3:].strip()
        module_rel = const.PL_PAYLOAD_DIR + module_name
        if module_name == "":
            return
        # NOTE(review): module_name is operator input that ends up in a file
        # path; whether traversal segments are rejected depends on
        # pl_judge_file_name, which is not visible here.
        if not operation.pl_judge_file_name(PL_PWD, module_rel):
            print(setcolor.set_red("[!] ") + "没有找到此模块 => " + module_name)
            return
        first_name = ch.pl_path_split_first_name(module_name)
        end_name = ch.pl_path_split_end_name(module_name)
        module_file = ch.pl_return_path(PL_PWD, module_rel)
        read_cmd_line(PL_PWD, module_rel, module_file, first_name, end_name)
    elif shell_input == const.PL_SHOW:
        operation.pl_show_all_poc_info(PL_PWD)
    elif shell_input == const.PL_SHOW_PAYLOAD:
        operation.pl_show_payloads(PL_PWD)
    elif shell_input == const.PL_SHOW_EXPLOIT:
        operation.pl_show_exploits(PL_PWD)
    elif shell_input == const.PL_SHOW_HANDLER:
        operation.pl_show_handlers(PL_PWD)
    elif shell_input == const.PL_SHOW_SCANNER:
        operation.pl_show_scanners(PL_PWD)
    elif shell_input == const.PL_HELP or shell_input == "?":
        usage()
    elif shell_input[:6] == const.PL_SEARCH:
        keyword = shell_input[6:].strip()
        # An empty search term is silently ignored.
        if keyword != "":
            operation.print_poc_name_info(PL_PWD, keyword)
    elif shell_input == const.PL_EXIT:
        sys.exit()
    elif shell_input == const.PL_VERSION:
        ch.pl_show_version(PL_PWD)
    elif (shell_input == const.PL_LINUX_CLEAR
          or shell_input == const.PL_WINDOWS_CLS):
        operation.pl_clsc()
    elif shell_input == const.PL_OS_SHELL:
        operation.pl_os_shell()
    elif shell_input == const.PL_LOAD:
        # Imported lazily, only when the load sub-console is requested.
        import pl_load_tool as load
        load.exec_load(PL_PWD)
    elif shell_input == const.PL_RELOAD_POC:
        ch.reload_poc()
예제 #5
def pl_show_poc_info(PL_POC_FILE):
    """Print the information returned by ``getinfo.import_poc`` for a module.

    '.py' is appended to *PL_POC_FILE* when it is not already the suffix.
    Any exception is swallowed and reported as a file-information error.
    """
    try:
        if PL_POC_FILE[-3:] != ".py":
            PL_POC_FILE = PL_POC_FILE + '.py'
        # NOTE(review): import_poc presumably imports the module file to read
        # its metadata; if so, showing info runs that file's top-level code.
        print(getinfo.import_poc(PL_POC_FILE))
    except:
        print(setcolor.set_red("[!] ") + "加载文件信息出错 ")
예제 #6
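def read_tool_env(PL_PWD):
    """Print the third-party tool names stored in ``logs/third_tool.ini``.

    The file is read from ``PL_PWD + "/logs/third_tool.ini"``. When it cannot
    be opened an error line is printed and the function returns. Otherwise
    ``print_tools()`` writes the header and each stored name is printed on
    its own tab-indented line, followed by one blank line.

    The file handle is now released even when printing fails part-way; the
    original only closed it on the success path.
    """
    try:
        f = open(PL_PWD + "/logs/third_tool.ini", 'r')
    except Exception:
        print(setcolor.set_red('[!] ') + u"工具载入失败")
        return
    with f:
        print_tools()
        for line in f:
            print("\t" + line.replace('\n', ""))
        print("")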
예제 #7
def pl_bg_arg(poc):
    """Run the loaded module, chaining the attached payload when listening.

    In 'exploit' mode (``poc.option.mode.default == 'exploit'``) the module's
    ``exploit()`` is called; when ``poc.handler.listen`` was True beforehand,
    ``poc.handler.payload_fun.exploit()`` is called afterwards. In any other
    mode ``poc.payload()`` is called. Any exception is swallowed and reported
    on the console as an execution failure.
    """
    try:
        if poc.option.mode.default == 'exploit':
            # The listener state is read before the exploit runs, exactly as
            # in the original branch order.
            listening = poc.handler.listen == True
            # 'exploit' is the default; a user-chosen payload replaces it.
            poc.exploit()
            if listening:
                poc.handler.payload_fun.exploit()
        else:
            poc.payload()
    except:
        # NOTE(review): the bare except also hides KeyboardInterrupt and the
        # real cause of the failure.
        print(setcolor.set_red("[!] ") + "执行失败 ")
예제 #8
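def save_tool_env(PL_PWD):
    """Write the names of the third-party tool directories to the tool list.

    ``PL_PWD + "/logs/third_tool.ini"`` is rewritten with one line per entry
    of ``PL_PWD + c.PL_TOOL_DIR`` that is not a regular file. When the list
    file cannot be opened an error line is printed and the function returns.
    Errors from listing the tool directory still propagate to the caller.

    The list file is now closed even when the directory listing raises; the
    original left the handle open in that case.
    """
    try:
        f = open(PL_PWD + "/logs/third_tool.ini", 'w+')
    except Exception:
        print(setcolor.set_red('[!] ') + u"工具载入失败")
        return
    with f:
        path = PL_PWD + c.PL_TOOL_DIR
        for entry in os.listdir(path):
            # Anything that is not a regular file is recorded as a tool.
            if not os.path.isfile(path + '/' + entry):
                f.write(entry + '\n')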
예제 #9
def pl_bg_arg(poc):
    """Run the loaded module and hand off to the listener when one is set.

    In 'exploit' mode (``poc.option.mode.default == 'exploit'``) the module's
    ``exploit()`` is called; when ``poc.handler.listen`` was True beforehand,
    ``judgeHandler.judge_str(poc.handler.payload_handler)`` is called
    afterwards. In any other mode ``poc.payload()`` is called. Any exception
    is swallowed and reported on the console as an execution failure.
    """
    try:
        if poc.option.mode.default == 'exploit':
            # Listener state is read before the exploit runs.
            listening = poc.handler.listen == True
            # 'exploit' is the default; a user-chosen payload replaces it.
            poc.exploit()
            if listening:
                # Known issue flagged by the original author ("This is Bug.
                # Wait me fix."); the earlier direct call to
                # poc.handler.payload_fun.exploit() is disabled.
                judgeHandler.judge_str(poc.handler.payload_handler)
        else:
            poc.payload()
    except:
        print(setcolor.set_red("[!] ") + "执行失败 ")
예제 #10
def pl_get_poc_option(PL_POC_FILE):
    """Return the ``option`` attribute of the module loaded from a file.

    '.py' is appended to *PL_POC_FILE* when missing, then the module is
    loaded with ``getinfo.import_pocs``. Returns None when the loader
    returns None or when any exception occurs (an error line is printed in
    the latter case).
    """
    try:
        if PL_POC_FILE[-3:] != ".py":
            PL_POC_FILE = PL_POC_FILE + '.py'
        loaded = getinfo.import_pocs(PL_POC_FILE)
        if loaded == None:
            return None
        return loaded.option
    except:
        print(setcolor.set_red("[!] ") + "加载文件信息出错 ")
예제 #11
def pl_run_poc(poc):
    """Run *poc* through ``pl_bg_arg`` and check its result serialises.

    After the run, ``poc.result.to_python()`` is wrapped in a list and passed
    to ``json.dumps``. The JSON text is discarded; the call only verifies
    that the result can be serialised. A failure prints an error line and
    the exception. Returns None.
    """
    pl_bg_arg(poc)
    try:
        json.dumps([poc.result.to_python()])
    except Exception as e:
        print(setcolor.set_red("[!] ") + ' result 序列化失败')
        print(e)
예제 #12
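def pl_get_poc_name(PL_PWD,PL_POC_FILE):
    """Index every module file under *PL_POC_FILE* into two list files.

    Walks *PL_POC_FILE* and, for each ``.py`` file other than
    ``__init__.py``, writes one line to each index under
    ``PL_PWD + '/bin/Purelove/logs/'``:

    * ``poc_name_path.pl`` gets the path with the *PL_PWD* prefix removed;
    * ``poc_name.pl`` gets the path as produced by the walk.

    Any failure prints an error line; nothing is returned.

    Fixes over the original: a file name without a dot no longer aborts the
    whole scan (``name.split('.')[1]`` raised IndexError); a failed ``open``
    no longer ends in a NameError from closing an unbound handle; both files
    are always closed; and entries are written in sorted order so the index
    is stable between runs. The suffix test now looks at the real extension,
    so ``x.py.bak`` is skipped and ``a.b.py`` is indexed.
    """
    logs_dir = PL_PWD + '/bin/Purelove/logs/'
    try:
        with open(logs_dir + 'poc_name_path.pl', 'w+') as rel_index:
            with open(logs_dir + 'poc_name.pl', 'w+') as abs_index:
                for root, dirs, files in os.walk(PL_POC_FILE):
                    dirs.sort()  # in-place, so the walk order is stable
                    rel_root = root.replace(PL_PWD, "")[1:]
                    for name in sorted(files):
                        if os.path.splitext(name)[1] != '.py':
                            continue
                        if name == '__init__.py':
                            continue
                        rel_index.write(os.path.join(rel_root, name) + '\n')
                        abs_index.write(os.path.join(root, name) + '\n')
    except Exception:
        print(setcolor.set_red("[!]") + "  加载PAYLOAD失败,请重新运行!")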
예제 #13
def pl_run_poc(poc):
    """Run *poc* through ``pl_bg_arg`` and check its result serialises.

    No listener module is set up here (the ``frame.pl_set_hander(poc)`` call
    is disabled), so the module's own local listen function is used. After
    the run, ``poc.result.to_python()`` is wrapped in a list and passed to
    ``json.dumps``; the JSON text is discarded. A failure prints an error
    line and the exception. Returns None.
    """
    pl_bg_arg(poc)
    try:
        serialisable = [poc.result.to_python()]
        json.dumps(serialisable)
    except Exception as e:
        print(setcolor.set_red("[!] ") + ' result 序列化失败')
        print(e)
예제 #14
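def pl_show_all_poc_info(PL_PWD):
    """Print a table of every module listed in ``logs/poc_name_path.pl``.

    The index file is read from ``PL_PWD + "/logs/poc_name_path.pl"``. When
    ``pl_judge_file`` rejects that path an error line is printed and the
    function returns. Otherwise a header is printed and, for each listed
    path, the module is loaded from ``"module/" + path`` and one row with its
    name, file date, ``info['severity']`` and ``info['name']`` is printed,
    followed by a blank line. Modules that fail to load or lack those keys
    are skipped silently, as before.

    Fix over the original: the index file was only closed inside the
    exception handlers, so a fully successful listing leaked the handle. It
    is now closed as soon as its lines are read.
    """
    index_path = PL_PWD + "/logs/poc_name_path.pl"
    if not pl_judge_file(index_path):
        print(setcolor.set_red("[!] ") + "payload加载出错")
        return
    with open(index_path) as index_file:
        lines = index_file.readlines()

    header_row = "   {Name:<55}{DisclosureDate:<20}{Rank:<20}{Descriptions:<40}"
    print("\nPureLove Modules\n----------------\n")
    print(header_row.format(
        Name="Name",
        DisclosureDate="Disclosure Date",
        Rank="Rank",
        Descriptions="Descriptions"))
    print(header_row.format(
        Name="----",
        DisclosureDate="---------------",
        Rank="----",
        Descriptions="------------"))
    for poc_name in lines:
        poc_name = poc_name.replace('\n', "")
        poc_name_t = "module/" + poc_name
        try:
            # NOTE(review): import_pocs presumably imports the module file to
            # read its metadata; if so, listing runs every module's top-level
            # code -- confirm before pointing this at untrusted module trees.
            poc = getinfo.import_pocs(poc_name_t)
            print("   {poc_name:<55}{date:<20}{severity:<20}{name:<40}".format(
                poc_name=pl_del_suffix(poc_name),
                date=pl_get_file_date(poc_name_t),
                severity=poc.info['severity'],
                name=poc.info['name']))
            print("")
        except Exception:
            # Best effort: one broken module must not stop the listing.
            continue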
예제 #15
def pl_get_poc_option(PL_POC_FILE):
    """Load the module at *PL_POC_FILE* and return its ``option`` attribute.

    The path is normalised to end in '.py' before it is passed to
    ``getinfo.import_pocs``. Returns None when the loader yields None; when
    an exception occurs an error line is printed and None is returned.
    """
    try:
        # Add the suffix when the caller left it off.
        needs_suffix = PL_POC_FILE[-3:] != ".py"
        if needs_suffix:
            PL_POC_FILE = PL_POC_FILE + '.py'
        # Read the option table from the loaded module.
        module = getinfo.import_pocs(PL_POC_FILE)
        if not (module == None):
            return module.option
    except:
        print(setcolor.set_red("[!] ") + "加载文件信息出错 ")
예제 #16
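def exec_load(PL_PWD):
    """Run the interactive ``load`` sub-console for bundled third-party tools.

    The tool list is refreshed with ``tool.save_tool_env`` and the prompt
    loops until ``const.PL_EXIT`` or ``quit`` is entered. Input is stripped
    and lower-cased, then dispatched on its first four characters or its
    full text: show the tool list, start a tool, print usage, refresh the
    list, or print an error for anything else.

    Starting a tool runs ``<PL_PWD>/thirdtools/<name>/<name>.py`` with the
    ``python`` found on PATH.

    Fix over the original: the tool name typed at the prompt was pasted into
    an ``os.system`` command string, so shell metacharacters or path
    separators in the name were interpreted by the shell or let the path
    leave ``thirdtools``. The name must now be a single path component whose
    script exists, and the interpreter is started without a shell.
    """
    import subprocess  # local import: the file's import block is not visible here

    tool.save_tool_env(PL_PWD)
    tools_root = PL_PWD + "/thirdtools/"
    finished = False
    while not finished:
        load = setcolor.UseStyle("load",mode = 'underline')
        shell_input = raw_input(load + " > ").strip().lower()
        if shell_input[:4] == const.PL_SHOW:
            tool.read_tool_env(PL_PWD)
        elif shell_input[:4] == const.PL_LOAD:
            loads = shell_input[4:].strip()
            script = tools_root + loads + "/" + loads + ".py"
            # Accept only a bare directory name: no separators, no '.'/'..'.
            plain_name = (loads not in ("", ".", "..")
                          and os.path.basename(loads) == loads
                          and "\\" not in loads)
            if not plain_name or not os.path.isfile(script):
                print(setcolor.set_red('[-]') + u" 请输入正确命令")
                continue
            print(setcolor.set_blue('[*] ') + u'Loding .....')
            try:
                # Argument list, no shell: the name is never parsed as
                # command syntax.
                subprocess.call(["python", script])
            except OSError:
                # Raised when no 'python' executable can be started.
                print(setcolor.set_red('[-]') + u" 请输入正确命令")
        elif shell_input == const.PL_HELP or shell_input == "?":
            usage()
        elif shell_input == const.PL_EXIT or shell_input == "quit":
            finished = True
        elif shell_input == const.PL_RELOAD_POC:
            tool.save_tool_env(PL_PWD)
        else:
            print(setcolor.set_red('[-]') + u" 请输入正确命令")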
예제 #17
def switch_shell(PL_PWD, shell_input):
    """Dispatch one command line entered at the top-level console prompt.

    A line whose first three characters equal ``const.PL_USE`` selects a
    module: the remainder is checked with ``operation.pl_judge_file_name``
    and, when found, handed to ``read_cmd_line``. Every other line is
    compared with the command constants in order and the matching helper is
    called. ``"load"`` and unknown input are ignored. Returns None
    (``const.PL_EXIT`` raises SystemExit).
    """
    if shell_input[:3] == const.PL_USE:
        module_name = shell_input[3:].strip()
        if module_name == "":
            return
        # NOTE(review): module_name is operator input that ends up in a file
        # path; whether traversal segments are rejected depends on
        # pl_judge_file_name, which is not visible here.
        if not operation.pl_judge_file_name(PL_PWD, module_name):
            print(setcolor.set_red(" [!] ") + "没有找到此模块 => ".decode('utf-8') + module_name)
            return
        first_name = ch.pl_path_split_first_name(module_name)
        end_name = ch.pl_path_split_end_name(module_name)
        module_file = ch.pl_return_path(PL_PWD, module_name)
        read_cmd_line(PL_PWD, module_name, module_file, first_name, end_name)
    elif shell_input == const.PL_SHOW:
        operation.pl_show_all_poc_info(PL_PWD)
    elif shell_input == const.PL_HELP or shell_input == "?":
        usage()
    elif shell_input[:6] == const.PL_SEARCH:
        keyword = shell_input[6:].strip()
        # An empty search term is silently ignored.
        if keyword != "":
            operation.print_poc_name_info(PL_PWD, keyword)
    elif shell_input == const.PL_EXIT:
        sys.exit()
    elif shell_input == const.PL_VERSION:
        ch.pl_show_version(PL_PWD)
    elif (shell_input == const.PL_LINUX_CLEAR
          or shell_input == const.PL_WINDOWS_CLS):
        # Fixed command string; no user input reaches the shell here.
        os.system('cls')
    elif shell_input == const.PL_OS_SHELL:
        operation.pl_os_shell()
    # "load" and any unrecognised input fall through without action.
예제 #18
def read_cmd_lines(PL_PWD, poc_re, PL_POC_FILE, poc_module_path_first_name,
                   poc_module_path_end_name):
    """Run the per-module console loop for the module at PL_POC_FILE.

    The module is loaded through ``getinfo.import_pocs`` and each line read
    from the prompt is dispatched: ``const.PL_BACK`` leaves the loop, a
    ``const.PL_SET`` prefix assigns an option (or attaches a payload module
    to ``poc.handler``), ``unset`` clears an option, a ``const.PL_USE``
    prefix switches to another module, and the remaining constants show
    info, show options, print usage, or run the module via
    ``ch.pl_run_poc``. Unrecognised input is ignored. Returns None.
    """
    poc = getinfo.import_pocs(PL_POC_FILE)
    while True:
        ple = setcolor.UseStyle("ple", mode='underline')
        poc_shell_input = raw_input(
            ple + " " + poc_module_path_first_name + "(" +
            setcolor.set_red(poc_module_path_end_name) + ") > ").strip()
        if poc_shell_input == const.PL_BACK:
            # Re-run the handler initialiser before leaving; presumably this
            # resets listener/payload state -- confirm against the handler class.
            poc.handler.__init__()
            return
        else:
            if poc_shell_input[:3] == const.PL_SET:
                poc_shell = poc_shell_input[3:].strip()
                pay_shell = poc_shell_input[:11].strip()
                # NOTE(review): str.strip() never returns None, so this
                # branch cannot be taken for string input.
                if poc_shell == None:
                    pass
                elif pay_shell == const.PL_SET_PAYLOAD:
                    poc.handler.__init__()
                    payload_shell = const.PL_PAYLOAD_DIR + poc_shell_input[
                        11:].strip().lower()  # get the payload name, then check that it exists
                    if poc_shell == None:
                        pass
                    else:
                        PL_STATUS = operation.pl_judge_file_name(
                            PL_PWD, payload_shell)  # check whether the file exists
                        if PL_STATUS and poc.handler.listen == False:
                            poc.handler.listen = True  # set the exploit module's listen state to True
                            poc.handler.payload = payload_shell  # pass in the payload module
                            poc.handler.pwd = ch.pl_return_path(
                                PL_PWD, payload_shell)
                            poc.handler.payload_fun = getinfo.import_pocs(
                                poc.handler.pwd)  # load the module
                        elif PL_STATUS and poc.handler.listen == True:
                            # Same assignments as above; listen is already True.
                            poc.handler.payload = payload_shell  # pass in the payload module
                            poc.handler.pwd = ch.pl_return_path(
                                PL_PWD, payload_shell)
                            poc.handler.payload_fun = getinfo.import_pocs(
                                poc.handler.pwd)  # load the module
                        else:
                            print setcolor.set_red(
                                " [!] ") + "没有找到此模块 => ".decode(
                                    'utf-8') + poc_shell
                else:
                    try:
                        # "set <key> <value>": a missing value makes
                        # poc_shells[1] raise IndexError, which the bare
                        # except below reports as a parameter error.
                        poc_shells = poc_shell.split(" ")
                        option_key = poc_shells[0]
                        option_value = poc_shells[1]
                        if poc.handler.listen == True:
                            if poc.handler.payload == "":
                                pass
                            else:
                                # First pass: replace None defaults and
                                # descriptions with empty strings.
                                for option_pay, option_filter_pay in poc.handler.payload_fun.option.items(
                                ):
                                    if option_filter_pay['default'] == None:
                                        option_filter_pay['default'] = ''
                                    if option_filter_pay['desc'] == None:
                                        option_filter_pay['desc'] = ''
                                # Second pass: assign the payload option whose
                                # name matches option_key.
                                for option_pay, option_filter_pay in poc.handler.payload_fun.option.items(
                                ):
                                    if option_key == option_pay:
                                        # An empty 'Required' marks the option as fixed.
                                        if option_filter_pay['Required'] == "":
                                            print setcolor.set_yellow(
                                                "[-] ") + "参数为固定值,无法修改!"
                                        else:
                                            print option_key + " => " + option_value
                                            # The raw text goes through the option's
                                            # own 'convert' callable before storage.
                                            option_filter_pay[
                                                'default'] = option_filter_pay[
                                                    'convert'](option_value)
                                            option_filter_pay[
                                                'Required'] = "yes"
                        # The same two passes are applied to the module's own options.
                        for option, option_filter in poc.option.items():
                            if option_filter['default'] == None:
                                option_filter['default'] = ''
                            if option_filter['desc'] == None:
                                option_filter['desc'] = ''
                        for option, option_filter in poc.option.items():
                            if option_key == option:
                                if option_filter['Required'] == "":
                                    print setcolor.set_yellow(
                                        "[-] ") + "参数为固定值,无法修改!"
                                else:
                                    print option_key + " => " + option_value
                                    option_filter['default'] = option_filter[
                                        'convert'](option_value)
                                    option_filter['Required'] = "yes"
                            if not option_key:
                                pass
                    except:
                        # NOTE(review): the bare except also hides errors
                        # raised by the 'convert' callable itself.
                        print setcolor.set_red("[!] ") + "参数设置错误"
            elif poc_shell_input == const.PL_INFO:
                ch.pl_show_poc_info(PL_POC_FILE)
                ch.pl_show_poc_infos(poc)
            elif poc_shell_input == const.PL_RUN or poc_shell_input == const.PL_EXPLOIT:
                ch.pl_run_poc(poc)
            elif poc_shell_input == const.PL_SHOW_OPTIONS:
                ch.pl_run_poc_show(poc, poc_re)
            elif poc_shell_input == const.PL_HELP or poc_shell_input == "?":
                usage()
            elif poc_shell_input[:5] == "unset":
                try:
                    poc_shell = poc_shell_input[5:].strip()
                    #Payload Listen
                    if poc.handler.listen == True:
                        if poc.handler.payload == "":
                            pass
                        else:
                            # NOTE(review): this loop binds option_pay and
                            # options_filter_pay, but its body reads option and
                            # option_filter. Those names are only bound if an
                            # earlier loop in this call ran; otherwise the
                            # NameError is caught by the bare except below and
                            # the module-option loop is skipped.
                            for option_pay, options_filter_pay in poc.handler.payload_fun.option.items(
                            ):
                                if poc_shell == option:
                                    if option_filter['default'] == "":
                                        pass
                                    elif option_filter['default'] != "":
                                        print poc_shell + " => unset"
                                        option_filter['default'] = ""
                                        option_filter['Required'] = "no"
                                    else:
                                        pass
                    # Clear the matching module option and mark it not required.
                    for option, option_filter in poc.option.items():
                        if poc_shell == option:
                            if option_filter['default'] == "":
                                pass
                            elif option_filter['default'] != "":
                                print poc_shell + " => unset"
                                option_filter['default'] = ""
                                option_filter['Required'] = "no"
                            else:
                                pass
                except:
                    print setcolor.set_red("[!] ") + "参数设置错误"
            elif poc_shell_input[:3] == const.PL_USE:
                PL_POC_FILE = const.PL_PAYLOAD_DIR + poc_shell_input[3:].strip(
                )
                # NOTE(review): PL_POC_FILE already carries the
                # const.PL_PAYLOAD_DIR prefix, so this test only fires when
                # that prefix is itself empty.
                if PL_POC_FILE == "":
                    return
                else:
                    PL_STATUS = operation.pl_judge_file_name(
                        PL_PWD, PL_POC_FILE)
                    if PL_STATUS:
                        # Switch modules in place: the handler is
                        # re-initialised, the prompt labels are recomputed and
                        # the new module replaces poc.
                        poc.handler.__init__()
                        poc_re = PL_POC_FILE
                        poc_module_path_first_name = ch.pl_path_split_first_name(
                            PL_POC_FILE)
                        poc_module_path_end_name = ch.pl_path_split_end_name(
                            PL_POC_FILE)
                        PL_POC_FILE = ch.pl_return_path(PL_PWD, PL_POC_FILE)
                        poc = getinfo.import_pocs(PL_POC_FILE)
                    else:
                        print setcolor.set_red(" [!] ") + "没有找到此模块 => ".decode(
                            'utf-8') + PL_POC_FILE
            else:
                #print "error please debug"
                pass
예제 #19
def read_cmd_lines(PL_PWD, poc_re, PL_POC_FILE, poc_module_path_first_name,
                   poc_module_path_end_name):
    """Run the per-module console loop for the module at PL_POC_FILE.

    The module is loaded through ``getinfo.import_pocs`` and each line read
    from the prompt is dispatched: ``const.PL_BACK`` leaves the loop, a
    ``const.PL_SET`` prefix assigns an option, ``unset`` clears one, a
    ``const.PL_USE`` prefix switches to another module, and the remaining
    constants show info, show options, print usage, or run the module via
    ``ch.pl_run_poc``. Unrecognised input is ignored. Returns None.
    """
    poc = getinfo.import_pocs(PL_POC_FILE)
    while True:
        ple = setcolor.UseStyle("ple", mode='underline')
        poc_shell_input = raw_input(
            ple + " " + poc_module_path_first_name + "(" +
            setcolor.set_red(poc_module_path_end_name) + ") > ").strip()

        if poc_shell_input == const.PL_BACK:
            return
        else:
            if poc_shell_input[:3] == const.PL_SET:
                poc_shell = poc_shell_input[3:].strip()
                # NOTE(review): str.strip() never returns None, so this
                # branch cannot be taken for string input.
                if poc_shell == None:
                    pass
                else:
                    try:
                        # "set <key> <value>": a missing value makes
                        # poc_shells[1] raise IndexError, which the bare
                        # except below reports as a parameter error.
                        poc_shells = poc_shell.split(" ")
                        option_key = poc_shells[0]
                        option_value = poc_shells[1]
                        # First pass: replace None defaults and descriptions
                        # with empty strings.
                        for option, option_filter in poc.option.items():
                            if option_filter['default'] == None:
                                option_filter['default'] = ''
                            if option_filter['desc'] == None:
                                option_filter['desc'] = ''
                        # Second pass: assign the option whose name matches.
                        for option, option_filter in poc.option.items():
                            if option_key == option:
                                # An empty 'Required' marks the option as fixed.
                                if option_filter['Required'] == "":
                                    print setcolor.set_yellow(
                                        "[-] ") + "参数为固定值,无法修改!"
                                else:
                                    print option_key + " => " + option_value
                                    # The raw text goes through the option's own
                                    # 'convert' callable before it is stored.
                                    option_filter['default'] = option_filter[
                                        'convert'](option_value)
                                    option_filter['Required'] = "yes"
                            if not option_key:
                                pass
                    except:
                        # NOTE(review): the bare except also hides errors
                        # raised by the 'convert' callable itself.
                        print setcolor.set_red("[!] ") + "参数设置错误"
            elif poc_shell_input == const.PL_INFO:
                ch.pl_show_poc_info(PL_POC_FILE)
            elif poc_shell_input == const.PL_RUN or poc_shell_input == const.PL_EXPLOIT:
                ch.pl_run_poc(poc)
            elif poc_shell_input == const.PL_SHOW_OPTIONS:
                ch.pl_run_poc_show(poc, poc_re)
            elif poc_shell_input == const.PL_HELP or poc_shell_input == "?":
                usage()
            elif poc_shell_input[:5] == "unset":
                try:
                    poc_shell = poc_shell_input[5:].strip()
                    # Echoes the option name before looking it up.
                    print poc_shell
                    # Clear the matching option and mark it not required.
                    for option, option_filter in poc.option.items():
                        if poc_shell == option:
                            if option_filter['default'] == "":
                                pass
                            elif option_filter['default'] != "":
                                print poc_shell + " => unset"
                                option_filter['default'] = ""
                                option_filter['Required'] = "no"
                            else:
                                pass
                except:
                    print setcolor.set_red("[!] ") + "参数设置错误"
            elif poc_shell_input[:3] == const.PL_USE:
                PL_POC_FILE = poc_shell_input[3:].strip()
                # NOTE(review): an empty "use" returns from the whole module
                # console rather than just ignoring the line.
                if PL_POC_FILE == "":
                    return
                else:
                    PL_STATUS = operation.pl_judge_file_name(
                        PL_PWD, PL_POC_FILE)
                    if PL_STATUS:
                        # Switch modules in place: the prompt labels are
                        # recomputed and the new module replaces poc.
                        poc_re = PL_POC_FILE
                        poc_module_path_first_name = ch.pl_path_split_first_name(
                            PL_POC_FILE)
                        poc_module_path_end_name = ch.pl_path_split_end_name(
                            PL_POC_FILE)
                        PL_POC_FILE = ch.pl_return_path(PL_PWD, PL_POC_FILE)
                        poc = getinfo.import_pocs(PL_POC_FILE)
                    else:
                        print setcolor.set_red(" [!] ") + "没有找到此模块 => ".decode(
                            'utf-8') + PL_POC_FILE

                # listener shell, not written yet
            #elif poc_shell_input[:11] == "set payload":
            #poc_shell = poc_shell_input[10:].strip().lower()
            #if poc_shell == None:
            #pass
            #else:
            #poc.hander.listen = True
            #pl_set_hander(poc)
            else:
                #print "error please debug"
                pass
예제 #20
def pl_show_poc_infos(poc_options):
    """Print the option table of a loaded module.

    Passes ``poc_options.option.items()`` to ``pl_poc_info_show``. Any
    exception is swallowed and reported as a parameter-loading error.
    """
    try:
        option_pairs = poc_options.option.items()
        pl_poc_info_show(option_pairs)
    except:
        print(setcolor.set_red("[!] ") + "加载文件参数出错 ")
예제 #21
        print('\t{poc_severity}'.format(poc_severity = poc.info.get('severity', '')))

        print(u'[漏洞类别]')
        print('\t{poc_type}'.format(poc_type = poc.info.get('type', '')))

        print(u'[相关引用]')
        for each_ref in poc.info.get('ref', {}):
            if not each_ref:
                return
            ref_key = each_ref.keys()[0]
            print('\t* {ref_key}: {ref_value}'.format(ref_key = ref_key, ref_value = each_ref.get(ref_key).strip()))
        poc.result.status = False
    elif poc.result.exp_status:
        poc.result.exp_status = False
    else:
        print setcolor.set_red("[-] ") + " 目标不存在漏洞"
def pl_get_poc_option(PL_POC_FILE):
    try:
        if PL_POC_FILE[-3:] == ".py":
            poc_option = getinfo.import_pocs(PL_POC_FILE)
            if poc_option == None:
                pass
            else:
                return poc_option.option
        else:
            PL_POC_FILE = PL_POC_FILE + '.py'
            poc_option = getinfo.import_pocs(PL_POC_FILE)
            if poc_option == None:
                pass
            else:
                return poc_option.option