def parse_attack(self, result): output = Output(self) if result: output.success(result) else: output.fail("not vulnerability") return output
def parse_output(self, result): output = Output(self) if result: output.success(result) else: output.fail('target is not vulnerable') return output
def parse_output(self, result): output = Output(self) if result: output.success(result) else: output.fail('not vulnerability') return output
def parse_attack(self, result): output = Output(self) if result: output.success(result) else: output.fail('Internet noting return') return output
def save_output(self, result): output = Output(self) if result: output.success(result) else: output.fail() return output
def parse_attack(self, result): output = Output(self) if result: output.success(result) else: output.fail('Failed') return output
def _verify(self): output = Output(self) # 验证代码 result = { # 不管是验证模式或者攻击模式,返回结果 result 中的 key 值必须按照下面的规范来写 # [ PoC结果返回规范 ]( https://github.com/knownsec/pocsuite3/blob/master/docs/CODING.md#resultstandard ) "Result": { "DBInfo": { "Username": "******", "Password": "******", "Salt": "xxx", "Uid": "xxx", "Groupid": "xxx", }, "ShellInfo": {"URL": "xxx", "Content": "xxx"}, "FileInfo": {"Filename": "xxx", "Content": "xxx"}, "XSSInfo": {"URL": "xxx", "Payload": "xxx"}, "AdminInfo": {"Uid": "xxx", "Username": "******", "Password": "******"}, "Database": { "Hostname": "xxx", "Username": "******", "Password": "******", "DBname": "xxx", }, "VerifyInfo": {"URL": "xxx", "Postdata": "xxx", "Path": "xxx"}, "SiteAttr": {"Process": "xxx"}, "Stdout": "result output string", } } if result: # result是返回结果 output.success(result) else: output.fail("target is not vulnerable") return output
def parse_verify(self, result): output = Output(self) if result: output.success(result) else: output.fail('Internet Nothing returned') return output
def parse_output(self, result): output = Output(self) if result: output.success(result) else: output.fail('not MS17-010') return output
def parse_output(self, result): # parse output output = Output(self) if result: output.success(result) else: output.fail('Internet nothing returned') return output
def parse_output(self, result={}): output = Output(self) if result and len(result.keys())!=0: output.success(result) else: output.fail('target is not vulnerable') return output
def parse_result(self, result): output = Output(self) if result: output.success(result) else: output.fail("Internet Nothing returned") return output
def parse_attack(self, result): output = Output(self) if result: # if result['VerifyInfo']['Path']: output.success(result) # output.success('Succeed') else: output.fail('Fail test') return output
def _verify(self): output = Output(self) response = str(self.send()) if "var fgt_lang =" in response: result = {} result['VerifyInfo'] = {} result['VerifyInfo']['URL'] = self.url output.success(result) else: output.fail('Target is not vulnerable') return output
def _verify(self): output = Output(self) # 验证代码 result = { # 不管是验证模式或者攻击模式,返回结果 result 中的 key 值必须按照下面的规范来写 # [ PoC结果返回规范 ]( https://github.com/knownsec/pocsuite3/blob/master/docs/CODING.md#resultstandard ) 'Result': { 'DBInfo': { 'Username': '******', 'Password': '******', 'Salt': 'xxx', 'Uid': 'xxx', 'Groupid': 'xxx' }, 'ShellInfo': { 'URL': 'xxx', 'Content': 'xxx' }, 'FileInfo': { 'Filename': 'xxx', 'Content': 'xxx' }, 'XSSInfo': { 'URL': 'xxx', 'Payload': 'xxx' }, 'AdminInfo': { 'Uid': 'xxx', 'Username': '******', 'Password': '******' }, 'Database': { 'Hostname': 'xxx', 'Username': '******', 'Password': '******', 'DBname': 'xxx' }, 'VerifyInfo': { 'URL': 'xxx', 'Postdata': 'xxx', 'Path': 'xxx' }, 'SiteAttr': { 'Process': 'xxx' }, 'Stdout': 'result output string' } } if result: # result是返回结果 output.success(result) else: output.fail('target is not vulnerable') return output