Steps for writing a POC script
1. First create a new .py file; the file name should follow the naming convention.
2. Write the POC implementation class DemoPOC, which inherits from POCBase.
from pocsuite3.api import Output, POCBase, register_poc, requests, logger
from pocsuite3.api import get_listener_ip, get_listener_port
from pocsuite3.api import REVERSE_PAYLOAD, VUL_TYPE
from pocsuite3.lib.utils import random_str


class DemoPOC(POCBase):
    ...  # the info fields and methods are filled in below
3. Fill in the POC information fields. Fill in every field carefully and keep the information consistent, so that the POC is easy to look up.
class DemoPOC(POCBase):
    vulID = '1.1'
    version = '1'
    author = ['1']
    vulDate = '2021-2-2'
    createDate = '2020/10/10'
    updateDate = '1.1'
    references = ['vulhub']
    name = 'flask-poc'
    appPowerLink = 'flask'
    appName = 'flask'
    appVersion = 'flask'
    vulType = VUL_TYPE.CODE_EXECUTION
    desc = ''' # The POC description goes here, e.g.: when the array is expanded the key is carried into the SQL statement, producing SQL injection; an administrator can be added, disguised as an information leak
    flask
    '''
    samples = ['96.234.71.117:80']
    install_requires = []
4. Write the verify mode: put the POC verification script in the _verify method.
    def _verify(self):
        output = Output(self)
        result = {}  # filled in by the verification logic; empty means not vulnerable
        if result:
            output.success(result)
        else:
            output.fail('target is not vulnerable')
        return output
5. Write the attack mode. In the _attack() function, write the EXP script; in attack mode, operations such as getting a shell on the target or querying administrator account passwords can be performed. The method is defined in the same way as the verify mode.
    def _attack(self):
        output = Output(self)
        result = {}  # filled in by the EXP logic
        # report result with output.success()/output.fail() exactly as in _verify
        return output
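As an added example (not code from this page or from the pocsuite3 project), here is a small lint for the step-3 info fields, run against a constructed copy of the page's own DemoPOC fields. It parses the POC source with `ast` instead of importing it, so it needs neither pocsuite3 nor a target; the REQUIRED tuple and the two accepted date formats are my assumptions.

```python
import ast
from datetime import datetime

# Info fields from step 3 that this lint requires (assumption: appPowerLink/install_requires optional).
REQUIRED = ("vulID", "version", "author", "vulDate", "createDate", "updateDate",
            "references", "name", "appName", "appVersion", "vulType", "desc", "samples")

def poc_fields(source):
    """Class-level assignments of the first POCBase subclass in `source`, without importing it."""
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.ClassDef) and any(getattr(b, "id", None) == "POCBase" for b in node.bases):
            fields = {}
            for stmt in node.body:
                if isinstance(stmt, ast.Assign) and isinstance(stmt.targets[0], ast.Name):
                    try:
                        fields[stmt.targets[0].id] = ast.literal_eval(stmt.value)
                    except ValueError:  # e.g. VUL_TYPE.CODE_EXECUTION: keep its source text
                        fields[stmt.targets[0].id] = ast.unparse(stmt.value)
            return fields
    raise ValueError("no POCBase subclass found")

def parse_date(value):
    """Accept both date styles the page uses; None if the value is not a date at all."""
    for fmt in ("%Y-%m-%d", "%Y/%m/%d"):
        try:
            return datetime.strptime(str(value), fmt)
        except ValueError:
            pass
    return None

def lint_poc(source):
    """Return the problems found in the info block; an empty list means it is consistent."""
    f = poc_fields(source)
    problems = [f"missing field: {k}" for k in REQUIRED if k not in f]
    d = {k: parse_date(f[k]) for k in ("vulDate", "createDate", "updateDate") if k in f}
    problems += [f"{k} is not a date: {f[k]!r}" for k, v in d.items() if v is None]
    if d.get("vulDate") and d.get("createDate") and d["createDate"] < d["vulDate"]:
        problems.append("createDate is earlier than vulDate")
    if d.get("createDate") and d.get("updateDate") and d["updateDate"] < d["createDate"]:
        problems.append("updateDate is earlier than createDate")
    return problems

# Constructed sample: the info block as the page shows it (only parsed, never executed).
SAMPLE_POC = """
class DemoPOC(POCBase):
    vulID = '1.1'; version = '1'; author = ['1']
    vulDate = '2021-2-2'; createDate = '2020/10/10'; updateDate = '1.1'
    references = ['vulhub']; name = 'flask-poc'; appName = 'flask'; appVersion = 'flask'
    vulType = VUL_TYPE.CODE_EXECUTION; desc = 'flask'; samples = ['96.234.71.117:80']
"""
```

Run against the page's fields it reports that updateDate is not a date and that createDate precedes vulDate, which is exactly the kind of inconsistency step 3 warns about.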