Merge pull request knownsec#96 from chen2aaron/master

Add constant VUL_TYPE

docs/CODING.md

@@ -249,7 +249,7 @@ register_poc(DemoPOC)
 ```python
 from collections import OrderedDict
 
-from pocsuite3.api import Output, POCBase, POC_CATEGORY, register_poc, requests
+from pocsuite3.api import Output, POCBase, POC_CATEGORY, register_poc, requests, VUL_TYPE
 from pocsuite3.api import OptString
 
 
@@ -265,7 +265,7 @@ class DemoPOC(POCBase):
  appPowerLink = 'http:https://www.knownsec.com/'
  appName = 'test'
  appVersion = 'test'
- vulType = 'demo'
+ vulType = VUL_TYPE.XSS
  desc = '''这个例子说明了你可以使用console模式设置一些参数或者使用命令中的'--'来设置自定义的参数'''
  samples = []
  category = POC_CATEGORY.EXPLOITS.WEBAPP

pocsuite3/api/__init__.py

@@ -2,7 +2,7 @@
 from pocsuite3.lib.core.common import single_time_warn_message
 from pocsuite3.lib.core.data import conf, kb, logger, paths
 from pocsuite3.lib.core.datatype import AttribDict
-from pocsuite3.lib.core.enums import PLUGIN_TYPE, POC_CATEGORY
+from pocsuite3.lib.core.enums import PLUGIN_TYPE, POC_CATEGORY, VUL_TYPE
 from pocsuite3.lib.core.option import init, init_options
 from pocsuite3.lib.core.plugin import PluginBase, register_plugin
 from pocsuite3.lib.core.poc import POCBase, Output
@@ -29,12 +29,12 @@
 
 __all__ = (
  'requests', 'PluginBase', 'register_plugin',
- 'PLUGIN_TYPE', 'POCBase', 'Output', 'AttribDict', 'POC_CATEGORY',
+ 'PLUGIN_TYPE', 'POCBase', 'Output', 'AttribDict', 'POC_CATEGORY', 'VUL_TYPE',
  'register_poc', 'conf', 'kb', 'logger', 'paths', 'DEFAULT_LISTENER_PORT', 'load_file_to_module',
  'load_string_to_module', 'single_time_warn_message', 'CEye', 'Seebug',
  'ZoomEye', 'Shodan','Fofa','Censys', 'PHTTPServer', 'REVERSE_PAYLOAD', 'get_listener_ip', 'get_listener_port',
  'get_results', 'init_pocsuite', 'start_pocsuite', 'get_poc_options', 'crawl',
- 'OSShellcodes', 'WebShell', 'OptDict', 'OptIP', 'OptPort', 'OptBool', 'OptInteger', 'OptFloat', 'OptString', \
+ 'OSShellcodes', 'WebShell', 'OptDict', 'OptIP', 'OptPort', 'OptBool', 'OptInteger', 'OptFloat', 'OptString',
  'OptItems', 'OptDict', 'get_middle_text', 'generate_shellcode_list', 'random_str')
 
 

pocsuite3/lib/core/enums.py

@@ -142,3 +142,67 @@ class OPTION_TYPE:
  INTEGER = "integer"
  FLOAT = "float"
  STRING = "string"
+
+
+class VUL_TYPE:
+ HTTP_PARAMETER_POLLUTION = 'HTTP Parameter Pollution' # HTTP 参数污染
+ BACKDOOR = 'Backdoor' # 后门
+ INSECURE_COOKIE_HANDLING = 'Insecure Cookie Handling' # Cookie 验证错误
+ CSRF = 'CSRF' # 跨站请求伪造
+ SHELLCODE = 'ShellCode' # ShellCode
+ SQL_INJECTION = 'SQL Injection' # SQL 注入
+ ARBITRARY_FILE_DOWNLOAD = 'Arbitrary File Download' # 任意文件下载
+ ARBITRARY_FILE_CREATION = 'Arbitrary File Creation' # 任意文件创建
+ ARBITRARY_FILE_DELETION = 'Arbitrary File Deletion' # 任意文件删除
+ ARBITRARY_FILE_READ = 'Arbitrary File Read' # 任意文件读取
+ OTHER = 'Other' # 其他类型
+ VARIABLE_COVERAGE = 'Variable Coverage' # 变量覆盖
+ COMMAND_EXECUTION = 'Command Execution' # 命令执行
+ INJECTING_MALWARE_CODES = 'Injecting Malware Codes' # 嵌入恶意代码
+ WEAK_PASSWORD = 'Weak Password' # 弱密码
+ DENIAL_OF_SERVICE = 'Denial Of service' # 拒绝服务
+ DATABASE_FOUND = 'Database Found' # 数据库发现
+ UPLOAD_FILES = 'Upload Files' # 文件上传
+ REMOTE_FILE_INCLUSION = 'Remote File Inclusion' # 远程文件包含
+ LOCAL_OVERFLOW = 'Local Overflow' # 本地溢出
+ PRIVILEGE_ESCALATION = 'Privilege Escalation' # 权限提升
+ INFORMATION_DISCLOSURE = 'Information Disclosure' # 信息泄漏
+ LOGIN_BYPASS = 'Login Bypass' # 登录绕过
+ PATH_TRAVERSAL = 'Path Traversal' # 目录穿越
+ RESOLVE_ERROR = 'Resolve Error' # 解析错误
+ UNAUTHORIZED_ACCESS = 'Unauthorized Access' # 越权访问
+ XSS = 'XSS' # 跨站脚本
+ PATH_DISCLOSURE = 'Path Disclosure' # 路径泄漏
+ CODE_EXECUTION = 'Code Execution' # 代码执行
+ REMOTE_PASSWORD_CHANGE = 'Remote Password Change' # 远程密码修改
+ REMOTE_OVERFLOW = 'Remote Overflow' # 远程溢出
+ DIRECTORY_LISTING = 'Directory Listing' # 目录遍历
+ NULL_BYTE_INJECTION = 'Null Byte Injection' # 空字节注入
+ MAN_IN_THE_MIDDLE = 'Man-in-the-middle' # 中间人攻击
+ FORMAT_STRING = 'Format String' # 格式化字符串
+ BUFFER_OVERFLOW = 'Buffer Overflow' # 缓冲区溢出
+ HTTP_REQUEST_SPLITTING = 'HTTP Request Splitting' # HTTP 请求拆分
+ CRLF_INJECTION = 'CRLF Injection' # CRLF 注入
+ XML_INJECTION = 'XML Injection' # XML 注入
+ LOCAL_FILE_INCLUSION = 'Local File Inclusion' # 本地文件包含
+ CREDENTIAL_PREDICTION = 'Credential Prediction' # 证书预测
+ HTTP_RESPONSE_SPLITTING = 'HTTP Response Splitting' # HTTP 响应拆分
+ SSI_INJECTION = 'SSI Injection' # SSI 注入
+ OUT_OF_MEMORY = 'Out of Memory' # 内存溢出
+ INTEGER_OVERFLOWS = 'Integer Overflows' # 整数溢出
+ HTTP_RESPONSE_SMUGGLING = 'HTTP Response Smuggling' # HTTP 响应伪造
+ HTTP_REQUEST_SMUGGLING = 'HTTP Request Smuggling' # HTTP 请求伪造
+ CONTENT_SPOOFING = 'Content Spoofing' # 内容欺骗
+ XQUERY_INJECTION = 'XQuery Injection' # XQuery 注入
+ BUFFER_OVER_READ = 'Buffer Over-read' # 缓存区过读
+ BRUTE_FORCE = 'Brute Force' # 暴力破解
+ LDAP_INJECTION = 'LDAP Injection' # LDAP 注入
+ SECURITY_MODE_BYPASS = 'Security Mode Bypass' # 安全模式绕过
+ BACKUP_FILE_FOUND = 'Backup File Found' # 备份文件发现
+ XPATH_INJECTION = 'XPath Injection' # XPath 注入
+ URL_REDIRECTOR_ABUSE = 'URL Redirector Abuse' # URL 重定向
+ CODE_DISCLOSURE = 'Code Disclosure' # 代码泄漏
+ USE_AFTER_FREE = 'Use After Free' # 释放后重用
+ DNS_HIJACKING = 'DNS Hijacking' # DNS 劫持
+ IMPROPER_INPUT_VALIDATION = 'Improper Input Validation' # 错误的输入验证
+ UXSS = 'UXSS' # 通用跨站脚本