You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
404StarLink/detail/pocsuite3.md

6.1 KiB

pocsuite3 https://github.com/knownsec/pocsuite3

Language Author GitHub stars Version Time

Usage of pocsuite3 for attacking targets without prior mutual consent is illegal. pocsuite3 is for security testing purposes only

法律免责声明

未经事先双方同意,使用 pocsuite3 攻击目标是非法的。 pocsuite3 仅用于安全测试目的

Overview

pocsuite3 is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec 404 Team. It comes with a powerful proof-of-concept engine, many nice features for the ultimate penetration testers and security researchers.

Features

  • PoC scripts can running with verify, attack, shell mode in different way
  • Plugin ecosystem
  • Dynamic loading PoC script from any where (local file, redis, database, Seebug ...)
  • Load multi-target from any where (CIDR, local file, redis, database, Zoomeye, Shodan ...)
  • Results can be easily exported
  • Dynamic patch and hook requests
  • Both command line tool and python package import to use
  • IPv6 support
  • Global HTTP/HTTPS/SOCKS proxy support
  • Simple spider API for PoC script to use
  • Integrate with Seebug (for load PoC from Seebug website)
  • Integrate with ZoomEye, Shodan, etc. (for load target use Dork)
  • Integrate with Ceye, Interactsh (for verify blind DNS and HTTP request)
  • Friendly debug PoC scripts with IDEs
  • More ...

Screenshots

pocsuite3 console mode

asciicast

pocsuite3 shell mode

asciicast

pocsuite3 load PoC from Seebug

asciicast

pocsuite3 load multi-target from ZoomEye

asciicast

pocsuite3 load multi-target from Shodan

asciicast

Requirements

  • Python 3.7+
  • Works on Linux, Windows, Mac OSX, BSD, etc.

Installation

Paste at a terminal prompt:

Python pip

pip3 install pocsuite3

# use other pypi mirror
pip3 install -i https://pypi.tuna.tsinghua.edu.cn/simple pocsuite3

MacOS

brew update
brew info pocsuite3
brew install pocsuite3

Debian, Ubuntu, Kali

sudo apt update
sudo apt install pocsuite3

Docker

docker run -it pocsuite3/pocsuite3

ArchLinux

yay pocsuite3

Or click here to download the latest source zip package and extract

wget https://github.com/knownsec/pocsuite3/archive/master.zip
unzip master.zip
cd pocsuite3-master
pip3 install -r requirements.txt
python3 setup.py install

The latest version of this software is available at: https://pocsuite.org

Documentation

Documentation is available at: https://pocsuite.org

Usage

cli mode

	# basic usage, use -v to set the log level
	pocsuite -u http://example.com -r example.py -v 2

	# run poc with shell mode
	pocsuite -u http://example.com -r example.py -v 2 --shell

	# search for the target of redis service from ZoomEye and perform batch detection of vulnerabilities. The threads is set to 20
	pocsuite -r redis.py --dork service:redis --threads 20

	# load all poc in the poc directory and save the result as html
	pocsuite -u http://example.com --plugins poc_from_pocs,html_report

	# load the target from the file, and use the poc under the poc directory to scan
	pocsuite -f batch.txt --plugins poc_from_pocs,html_report

	# load CIDR target
	pocsuite -u 10.0.0.0/24 -r example.py

	# the custom parameters `command` is implemented in ecshop poc, which can be set from command line options
	pocsuite -u http://example.com -r ecshop_rce.py --attack --command "whoami"

console mode
    poc-console

项目相关

最近更新

[v2.0.3] - 2023-03-21

更新

  • 优化对 URL 协议的自动纠正
  • 支持通过 --no-check 选项禁用 URL 协议自动纠正和蜜罐检查

[v2.0.2] - 2022-12-13

更新

  • 修复 _check 方法中 url 重定向的问题
  • 修复 console 模式下 use 命令使用绝对路径的问题
  • 修复 build_url 兼容 ipv6 的问题
  • 优化 nuclei DSL 表达式执行

[v2.0.1] - 2022-11-09

更新

  • 修复 words 匹配器表达式执行的问题
  • 修复模版中包含中文异常捕获的问题
  • 提高模版的鲁棒性
  • 支持 digest_username 和 digest_password,用于 http 认证
  • 支持 negative 反向匹配器

[v2.0.0] - 2022-11-03

更新

  • 支持 yaml 格式 poc,与 nuclei 的 poc 模版兼容
  • 修复 httpserver 模块在 macos 平台卡住的问题
  • 结合 http 状态码对 http/https 协议自动纠正

[v1.9.11] - 2022-09-08

更新

  • 用户可以在 PoC 中自定义协议和默认端口,方便对 url 格式化
  • 使用 -p 参数给目标添加额外端口,可同时提供协议
  • 使用 -s 参数可以 skip target 本身的端口,只使用 -p 提供的端口
  • poc-console 优化
  • 一些改进和 bug 修复