search

knownsec / Pocsuite

This project has stopped to maintenance, please to https://github.com/knownsec/pocsuite3 project.
http://pocsuite.org
1.83k stars 607 forks source link

集成pocsuite时报错:pocsuite.lib.core.exception.PocsuiteDataException: unable to access item 'registeredPocs' #130

Closed like-water closed 7 years ago

like-water commented 7 years ago

按照官方文档加TestPOC(直接用的规范里的测试:https://github.com/knownsec/Pocsuite/blob/ee7c7da71e374d853eb9c8816ba3dbf9261683ed/docs/CODING.md#poc-%E7%BC%96%E5%86%99%E8%A7%84%E8%8C%83%E5%8F%8A%E8%A6%81%E6%B1%82%E8%AF%B4%E6%98%8E)以及test.py; 这两个py在同一目录下; test.py: `# -- coding: utf-8 --

import pocsuite from pocsuite.api.cannon import Cannon from pocsuite.api.poc import register import TestPOC

info={"pocname": "TestPOC", "pocstring": u"sf", "mode": "verify( or attack)" }

target="test.site" invoker=Cannon(target,info)

resulet=invoker.run()`

执行时报错如下: Traceback (most recent call last): File "/root/xunfeng/aider/test.py", line 8, in <module> import TestPOC File "/root/xunfeng/aider/TestPOC.py", line 91, in <module> register(TestPOC) File "/home/project/sometest/venv/local/lib/python2.7/site-packages/pocsuite/lib/core/register.py", line 22, in registerPoc if module in kb.registeredPocs: File "/home/project/sometest/venv/local/lib/python2.7/site-packages/pocsuite/lib/core/datatype.py", line 46, in __getattr__ raise PocsuiteDataException("unable to access item '%s'" % item) pocsuite.lib.core.exception.PocsuiteDataException: unable to access item 'registeredPocs'

查看源码后,估计是kb中没有registeredPocs;在TestPOC.py中加入 初始 kb["registeredPocs"] = {} 这次就ok了 `TestPOC [18:11:29] [-] ('Connection aborted.', gaierror(-2, 'Name or service not known')) ('test.site', 'TestPOC', '1571', 'Drupal', '7.x', (3.0, ConnectionError(ProtocolError('Connection aborted.', gaierror(-2, 'Name or service not known')),)), '2017-07-05 18:11:29', '{}')

Process finished with exit code 0`

但这样就是每次只能执行一个,总感觉是不是姿势不对, 求指教

hysia commented 7 years ago

多个 Cannon 实例 就可以了

like-water commented 7 years ago

@hysia 在哪里多个Cannon实例

还有,test.py中的import TestPOC是我后加的,如果不加的话,报错 File "<TestPOC>", line 1, in <module> NameError: name 'sf' is not defined 这里的sf是我的"pocstring"对应的;

nixawk commented 7 years ago

@like-water Please read https://github.com/knownsec/Pocsuite/wiki/How-to-use-the-cannon-api for details.

#!/usr/bin/python
# coding:utf-8

from pocsuite.api.cannon import Cannon
info = {"pocname": "dlink_command_php_exec_noauth",
        "pocstring": open("./modules/dlink_command_php_exec_noauth.py").read(),
        "mode": "verify"}

target = "www.justfordemo.com"
invoker = Cannon(target, info)
result = invoker.run()
print(result)
like-water commented 7 years ago

@nixawk 谢谢,ok了; 这样写跟我之前 ` kb.registeredPocs = {}

import TestPOC` info中pocstring随意写 效果一样吧, 还是有什么特别的优点?