def main(cmd):
if sga.module == None:
sga.infoPrint("unload: no module has been loaded")
return
maxLength1 = 0
maxLength2 = 0
for k in sga.moduleOptions:
if maxLength1 < len(k):
maxLength1 = len(k)
if maxLength2 < len(sga.moduleOptions[k]['value']):
maxLength2 = len(sga.moduleOptions[k]['value'])
if maxLength2 < 5:
maxLength2 = 5
if maxLength1 < 4:
maxLength1 = 4
spaceString1 = " " + " " * (maxLength1 - 4)
spaceString2 = " " + " " * (maxLength2 - 5)
print("module options")
print("--------------")
print(" name%svalue%snote"%(spaceString1,spaceString2))
print(" ----%s-----%s----"%(spaceString1,spaceString2))
for k in sga.moduleOptions:
tmp = sga.moduleOptions[k]
spaceString1 = " " + " " * (maxLength1 - len(k))
spaceString2 = " " + " " * (maxLength2 - len(tmp["value"]))
print(" %s%s%s%s%s"%(k,spaceString1,tmp["value"],spaceString2,tmp["info"]))
def main(cmd):
cmdList = cmd.split(" ")
if len(cmdList) < 2:
sga.errorPrint("search command: search [cveID/keyword]")
return
if not os.path.isfile(".com/cacheDB"):
sga.errorPrint(
"No local cache, use \"build\" command to build the local cache database file"
)
sga.infoPrint("use slow search")
result = slowSearch(cmdList[1])
else:
result = search(cmdList[1])
if len(result) <= 0:
return
maxLengthPath = 0
maxLengthAuthor = 0
maxLengthDate = 0
for k in result:
if maxLengthPath < len(k):
maxLengthPath = len(k)
if maxLengthAuthor < len(result[k]['author']):
maxLengthAuthor = len(result[k]['author'])
if maxLengthDate < len(result[k]['date']):
maxLengthDate = len(result[k]['date'])
string = "search keyword: %s" % (cmdList[1])
print(string)
print("-" * len(string))
spaceString1 = " " + " " * (maxLengthPath - 4)
spaceString2 = " " + " " * (maxLengthAuthor - 6)
spaceString3 = " " + " " * (maxLengthDate - 4)
print(" path%sauthor%sdate%sinfo" %
(spaceString1, spaceString2, spaceString3))
print(" ----%s------%s----%s----" %
(spaceString1, spaceString2, spaceString3))
for k in result:
spaceString1 = " " + " " * (maxLengthPath - len(k))
spaceString2 = " " + " " * (maxLengthAuthor -
len(result[k]['author']))
spaceString3 = " " + " " * (maxLengthDate - len(result[k]['date']))
print(" %s%s%s%s%s%s%s" %
(k, spaceString1, result[k]['author'], spaceString2,
result[k]['date'], spaceString3, result[k]['info']))
def exploit(): #poc main function
sga.infoPrint("test module, target host: %s, target port: %s" %
(sga.get("rhost"), sga.get("rport")))
sga.successPrint("this is a successfully message for test")
sga.errorPrint("this is an error message for test")
sga.weakPrint("the target is vulnerable")
sga.infoPrint("哈哈骗你的,想什么呢")
sga.nweakPrint("the target is not vulnerable!")
def search(kw):
try:
for i in open(".com/cacheDB"):
if kw in i:
i = i.strip("\n")
i = i.strip("\r\n") # for stupit bugdows
info = json.loads(i)
return info
except:
sga.errorPrint(
"Can not use the local cache database, use \"build\" command to rebuild local cache database"
)
sga.infoPrint("use slow search")
slowSearch(kw)
def main():
if sga.module == None:
sga.infoPrint("unload: no module has been loaded")
return
string = sga.modulePath
sga.module = None
sga.modulePath = None
sga.moduleType = None
sga.commandWord.remove(
"exploit") # remove the exploit command auto complete
sga.moduleOptionsWord = [] # remove the module option name auto complete
sga.commandPrompt = '\033[4;30mspf\033[0m > '
sga.infoPrint("unload: %s" % (string))
def main(cmd):
cmdList = cmd.split(" ")
if len(cmdList) < 3:
sga.errorPrint("set command: set [option name] [option value]")
return
if not sga.module:
sga.errorPrint("no module has been load")
return
name = str(cmdList[1])
value = str(cmdList[2])
try:
sga.moduleOptions[name]['value'] = value
except:
pass
sga.infoPrint("set %s => %s" % (name, value))
def main(cmd):
badCommand = ["vi", "vim", "ex", "python", "python3", "cd"]
if cmd in badCommand:
sga.infoPrint("command \"%s\" is not supported in SPF :)" % (cmd))
return
result = subprocess.getstatusoutput(cmd)
if result[0] == 0:
string = "execute system command: %s" % (cmd)
sga.successPrint(string)
print("-" * (4 + len(string)))
output = result[1].split("\n")
for i in output:
print(" %s" % (i))
print("-" * (4 + len(string)))
else:
sga.errorPrint("unknow command: %s" % (cmd))
def main():
if os.path.isfile(".com/cacheDB"):
os.remove(".com/cacheDB")
filePointer = open(".com/cacheDB", "a+")
for dir in os.walk("scorcsoftPOC"):
d = dir[0]
if d[-11:] == "__pycache__":
continue
for file in dir[2]:
if file == "__init__.py":
continue
if file[-3:] == "pyc":
continue
if file[0:1] == ".":
continue
string = "%s/%s" % (d, file[:-3])
pathString = string.replace("/", ".")
#print(string,pathString)
module = importlib.import_module(pathString)
subTmp = {
"author": module.author,
"date": module.date,
"info": module.info
}
tmp = {string: subTmp}
string = json.dumps(tmp)
filePointer.write("%s\n" % (string))
filePointer.close()
sga.infoPrint("build the local cache database")