【POC】pocsuite 用法

概述：pocsuite 工具的用法整理

参考链接：

• 工具| PocSuite 使用介绍 - FreeBuf网络安全行业门户
• Pocsuite3 | Open source remote vulnerability testing framework
• Pocsuite3 是什么？ | Pocsuite3

安装

# pip
pip install pocsuite
# pdm
pdm add pocsuite

安装完成之后还要安装 setupTools，如果不安装，则会报错 ModuleNotFoundError: No module named 'pkg_resources'

# pip
pip install setuptools
# pdm
pdm add setuptools

使用

使用 pdm 运行时，必须指定 POC 的全路径。

Administrator@5CD227B8LV MINGW64 /d/Documents/A_Source/OpenSource/POC/Library-POC/Exchange/CVE-2021-26855 (master)
$ pdm run pocsuite -r "D:\Documents\A_Source\OpenSource\POC\Library-POC\Exchange\CVE-2021-26855\CVE-2021-26855.py" -u https://192.168.106.145 --verify
 
,------.                        ,--. ,--.       ,----.   {2.0.8-247cac4}
|  .--. ',---. ,---.,---.,--.,--`--,-'  '-.,---.'.-.  |
|  '--' | .-. | .--(  .-'|  ||  ,--'-.  .-| .-. : .' <
|  | --'' '-' \ `--.-'  `'  ''  |  | |  | \   --/'-'  |
`--'     `---' `---`----' `----'`--' `--'  `----`----'   https://pocsuite.org
[*] starting at 15:38:32
 
[15:38:32] [INFO] loading PoC script 'D:\Documents\A_Source\OpenSource\POC\Library-POC\Exchange\CVE-2021-26855\CVE-2021-26855.py'
[15:38:32] [INFO] pocsusite got a total of 1 tasks
[15:38:32] [INFO] running poc:'Microsoft Exchange Server SSRF漏洞' target 'https://192.168.106.145'
[15:38:32] [+] URL : https://192.168.106.145:443
[15:38:32] [INFO] Scan completed,ready to print
 
+-------------------------+------------------------------------+--------+---------------------------+------------------------------------------------------------------+---------+
| target-url              |              poc-name              | poc-id |         component         |                             version                              |  status |
+-------------------------+------------------------------------+--------+---------------------------+------------------------------------------------------------------+---------+
| https://192.168.106.145 | Microsoft Exchange Server SSRF漏洞 |        | Microsoft Exchange Server | Exchange Server 2013、Exchange Server 2016、Exchange Server 2019 | success |
+-------------------------+------------------------------------+--------+---------------------------+------------------------------------------------------------------+---------+
success : 1 / 1
 
[*] shutting down at 15:38:32