# pocsuite3

[![Python 3.x](https://img.shields.io/badge/python-3.x-yellow.svg)](https://www.python.org/) [![License](https://img.shields.io/badge/license-GPLv2-red.svg)](https://raw.githubusercontent.com/knownsec/Pocsuite/master/docs/COPYING) [![Twitter](https://img.shields.io/badge/twitter-@seebug-blue.svg)](https://twitter.com/seebug_team) [![build](https://api.travis-ci.org/knownsec/pocsuite3.svg)](https://travis-ci.org/knownsec/pocsuite3)

## Legal Disclaimer
Usage of pocsuite3 for attacking targets without prior mutual consent is illegal.
pocsuite3 is for security testing purposes only.

## Legal Disclaimer
Using pocsuite3 to attack targets without prior mutual consent is illegal.
pocsuite3 is for security testing purposes only.

## Overview

pocsuite3 is an open-source remote vulnerability testing and proof-of-concept development framework developed by the [**Knownsec 404 Team**](http://www.knownsec.com/).
It comes with a powerful proof-of-concept engine and many features for penetration testers and security researchers.

## Features
* PoC scripts can run in `verify`, `attack`, or `shell` mode, each behaving differently
* Plugin ecosystem
* Dynamically load PoC scripts from anywhere (local file, redis, database, Seebug ...)
* Load multiple targets from anywhere (CIDR, local file, redis, database, Zoomeye, Shodan ...)
* Results can be easily exported
* Dynamic patching and hooking of requests
* Usable both as a command-line tool and as an importable Python package
* IPv6 support
* Global HTTP/HTTPS/SOCKS proxy support
* Simple spider API for PoC scripts to use
* Integrates with [Seebug](https://www.seebug.org) (for loading PoCs from the Seebug website)
* Integrates with [ZoomEye](https://www.zoomeye.org) (for loading targets from a ZoomEye `Dork`)
* Integrates with [Shodan](https://www.shodan.io) (for loading targets from a Shodan `Dork`)
* Integrates with [Ceye](http://ceye.io/) (for verifying blind DNS and HTTP requests)
* Integrates with [Interactsh](https://github.com/projectdiscovery/interactsh) (for verifying blind DNS and HTTP requests)
* Integrates with Fofa (for loading targets from a Fofa `Dork`)
* IDE-friendly debugging of PoC scripts
* More ...

## Screenshots

### pocsuite3 console mode
[![asciicast](https://asciinema.org/a/219356.png)](https://asciinema.org/a/219356)

### pocsuite3 shell mode
[![asciicast](https://asciinema.org/a/203101.png)](https://asciinema.org/a/203101)

### pocsuite3 load PoC from Seebug 
[![asciicast](https://asciinema.org/a/207350.png)](https://asciinema.org/a/207350)

### pocsuite3 load multi-target from ZoomEye
[![asciicast](https://asciinema.org/a/133344.png)](https://asciinema.org/a/133344)

### pocsuite3 load multi-target from Shodan
[![asciicast](https://asciinema.org/a/207349.png)](https://asciinema.org/a/207349)

## Requirements

- Python 3.6+
- Works on Linux, Windows, Mac OSX, BSD, etc.

## Installation

Paste at a terminal prompt:

### Python pip

``` bash
pip3 install pocsuite3

# use other pypi mirror
pip3 install -i https://pypi.tuna.tsinghua.edu.cn/simple pocsuite3
```

### MacOS

``` bash
brew update
brew info pocsuite3
brew install pocsuite3
```

### [Debian](https://tracker.debian.org/pkg/pocsuite3), [Ubuntu](https://launchpad.net/ubuntu/+source/pocsuite3), [Kali](http://pkg.kali.org/pkg/pocsuite3)

``` bash
sudo apt update
sudo apt install pocsuite3
```

### ArchLinux

``` bash
yay pocsuite3
```

Or click [here](https://github.com/knownsec/pocsuite3/archive/master.zip) to download the latest source zip package and extract it:

``` bash
$ wget https://github.com/knownsec/pocsuite3/archive/master.zip
$ unzip master.zip
$ cd pocsuite3-master
$ pip3 install -r requirements.txt
$ python3 setup.py install
```


The latest version of this software is available at: https://pocsuite.org

## Documentation

Documentation is available in the [```docs```](./docs) directory.

## Usage

```
cli mode

	# basic usage, use -v to set the log level
	pocsuite -u http://example.com -r example.py -v 2

	# run the PoC in shell mode
	pocsuite -u http://example.com -r example.py -v 2 --shell

	# search ZoomEye for redis service targets and run batch vulnerability detection with 20 threads
	pocsuite -r redis.py --dork service:redis --threads 20

	# load all PoCs in the poc directory and save the result as HTML
	pocsuite -u http://example.com --plugins poc_from_pocs,html_report

	# load the targets from a file and scan them with the PoCs in the poc directory
	pocsuite -f batch.txt --plugins poc_from_pocs,html_report

	# load CIDR target
	pocsuite -u 10.0.0.0/24 -r example.py --plugins target_from_cidr

	# the custom parameter `command` is implemented in the ecshop PoC and can be set from the command line
	pocsuite -u http://example.com -r ecshop_rce.py --attack --command "whoami"

console mode
    poc-console
```

## How to Contribute

1. Check for open issues or open a fresh issue to start a discussion around a feature idea or a bug.
2. Fork [the repository](https://github.com/knownsec/pocsuite3) on GitHub to start making your changes to the **dev** branch (or branch off of it).
3. Write a test which shows that the bug was fixed or that the feature works as expected.
4. Send a pull request and bug the maintainer until it gets merged and published. Make sure to add yourself to [THANKS](./docs/THANKS.md).


## Links

* [Contributors](./CONTRIBUTORS.md)
* [Change Log](./CHANGELOG.md)
* [Bug tracking](https://github.com/knownsec/pocsuite3/issues)
* [Copyright](./COPYING)
* [Pocsuite](https://pocsuite.org)
* [Seebug](https://www.seebug.org)
* [ZoomEye](https://www.zoomeye.org)
* [Knownsec](https://www.knownsec.com)