From 8e4070b7d30ee8e340264715d785301721dfb4a1 Mon Sep 17 00:00:00 2001 From: wh0am1i Date: Mon, 29 Apr 2024 14:37:28 +0800 Subject: [PATCH 1/4] feat:During batch scanning, too many targets cause the output results to exceed the display range. --- pocsuite3/lib/controller/controller.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pocsuite3/lib/controller/controller.py b/pocsuite3/lib/controller/controller.py index b0055950..878da24a 100644 --- a/pocsuite3/lib/controller/controller.py +++ b/pocsuite3/lib/controller/controller.py @@ -86,7 +86,7 @@ def show_task_result(): if row.status == 'success': success_num += 1 - data_to_stdout('\n{0}'.format(results_table.get_string(sortby="status", reversesort=True))) + data_to_stdout('\n{0}'.format(results_table.get_string(sortby="status", reversesort=False))) data_to_stdout("\nsuccess : {} / {}\n".format(success_num, total_num)) From 63a81bd6b2605f95d5af868a051c66936f078975 Mon Sep 17 00:00:00 2001 From: wh0am1i Date: Tue, 26 Nov 2024 14:04:06 +0800 Subject: [PATCH 2/4] fix:no moudle telnetlin in python3.13 --- pocsuite3/modules/listener/bind_tcp.py | 49 +++++++++++++++++++------- 1 file changed, 36 insertions(+), 13 deletions(-) diff --git a/pocsuite3/modules/listener/bind_tcp.py b/pocsuite3/modules/listener/bind_tcp.py index e7143daa..ed422644 100644 --- a/pocsuite3/modules/listener/bind_tcp.py +++ b/pocsuite3/modules/listener/bind_tcp.py @@ -1,16 +1,20 @@ import os +import sys import socket import zlib import pickle import base64 import select -import telnetlib import threading from pocsuite3.lib.core.poc import POCBase from pocsuite3.lib.utils import random_str from pocsuite3.lib.core.common import check_port from pocsuite3.lib.core.data import conf, logger +print(sys.version_info) +if sys.version_info <= (3, 12): + import telnetlib + def read_inputs(s): buffer = [] 
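Review bot: The sort-direction flip on the `data_to_stdout` line carries its rationale only in the commit subject; in the code it reads as an arbitrary toggle. Presumably ascending order on `status` puts the 'success' rows at the bottom of the table so they remain on screen when a large batch scrolls past, but a reader of the file cannot tell that. A one-line comment above the call would capture it: `# ascending by status: 'success' rows sort last and stay visible after a long batch`. show_task_result starts before this hunk.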
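Review bot: The guard `if sys.version_info <= (3, 12):` does not import telnetlib on Python 3.12 itself: sys.version_info is a five-field tuple, and `(3, 12, 0, 'final', 0) <= (3, 12)` is False because the longer tuple compares greater than its prefix. telnetlib still ships (deprecated) in 3.12 and is only removed in 3.13, which is what the PEP 594 reference later in this patch is about, so the intended form is `if sys.version_info < (3, 13):`. The same expression is repeated in the read_results and bind_telnet_shell hunks of this patch and should change there too; as written, 3.12 silently takes the raw-socket fallback instead of the telnetlib path.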
@@ -26,7 +30,7 @@ def read_inputs(s): def read_results(conn, inputs): - if isinstance(conn, telnetlib.Telnet): + if sys.version_info <= (3, 12) and isinstance(conn, telnetlib.Telnet): flag = random_str(6).encode() inputs = inputs.strip() + b';' + flag + b'\n' results = b'' @@ -43,7 +47,7 @@ def read_results(conn, inputs): results = os.linesep.encode().join( results.split(flag)[0].splitlines()[0:-1]) return results.strip() + b'\n' - elif callable(conn): + if callable(conn): results = conn(inputs.decode()) if not isinstance(results, bytes): results = results.encode() @@ -116,20 +120,39 @@ def bind_tcp_shell(host, port, check=True): def bind_telnet_shell(host, port, user, pwd, check=True): + # see https://peps.python.org/pep-0594/#telnetlib + if sys.version_info <= (3, 12): + import telnetlib + if not check_port(host, port): return False try: - tn = telnetlib.Telnet(host, port) - tn.expect([b'Login: ', b'login: '], 10) - tn.write(user.encode() + b'\n') - tn.expect([b'Password: ', b'password: '], 10) - tn.write(pwd.encode() + b'\n') - tn.write(b'\n') - if check: - flag = random_str(6).encode() - if flag not in read_results(tn, b'echo %s' % flag): - return False + if sys.version_info <= (3, 12): + tn = telnetlib.Telnet(host, port) + tn.expect([b'Login: ', b'login: '], 10) + tn.write(user.encode() + b'\n') + tn.expect([b'Password: ', b'password: '], 10) + tn.write(pwd.encode() + b'\n') + tn.write(b'\n') + if check: + flag = random_str(6).encode() + if flag not in read_results(tn, b'echo %s' % flag): + return False + + else: + tn = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + tn.connect((host, port)) + tn.recv(1024) + tn.sendall((user + "\n").encode('utf-8')) + tn.recv(1024) + tn.sendall((pwd + "\n").encode('utf-8')) + if check: + flag = random_str(6).encode() + if flag not in read_results(tn, b'echo %s' % flag): + return False + start_listener(tn) + except Exception as e: logger.error(str(e)) From e089a12f0f006cddc1753c00040a3521a18b8843 Mon Sep 17 00:00:00 2001 
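Review bot: The raw-socket branch added in the `else:` block has no timeout: the telnetlib branch bounds each prompt wait with `tn.expect(..., 10)`, but `tn.connect` and `tn.recv(1024)` on a plain socket block indefinitely if the service never answers, and the surrounding `except Exception` never gets a chance to fire. Set `tn.settimeout(10)` right after `tn = socket.socket(socket.AF_INET, socket.SOCK_STREAM)`; if start_listener relies on a blocking socket, restore it with `tn.settimeout(None)` before `start_listener(tn)`. The `if check:` block is now duplicated verbatim in both branches and could follow the if/else once `tn` is assigned, and the function-local `import telnetlib` duplicates the module-level guarded import added in the first hunk of this patch. The plain socket also does not answer telnet option negotiation (IAC sequences), which telnetlib handled; whether the services this is used with tolerate that is not visible here.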
From: wh0am1i Date: Tue, 26 Nov 2024 15:43:45 +0800 Subject: [PATCH 3/4] fix: timeout --- pocsuite3/modules/listener/bind_tcp.py | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/pocsuite3/modules/listener/bind_tcp.py b/pocsuite3/modules/listener/bind_tcp.py index ed422644..be112b34 100644 --- a/pocsuite3/modules/listener/bind_tcp.py +++ b/pocsuite3/modules/listener/bind_tcp.py @@ -75,6 +75,16 @@ def read_results(conn, inputs): return b'\n' +def wait_msg(conn, inputs): + try: + while True: + msg = conn.recv(1024).decode('utf-8', errors='ignore') + if inputs in msg.lower(): + break + except Exception: + pass + + def flow_redirect(conn): s = socket.socket() s.connect((conf.connect_back_host, conf.connect_back_port)) @@ -142,9 +152,9 @@ def bind_telnet_shell(host, port, user, pwd, check=True): else: tn = socket.socket(socket.AF_INET, socket.SOCK_STREAM) tn.connect((host, port)) - tn.recv(1024) + wait_msg(tn, 'login: ') tn.sendall((user + "\n").encode('utf-8')) - tn.recv(1024) + wait_msg(tn, 'password: ') tn.sendall((pwd + "\n").encode('utf-8')) if check: flag = random_str(6).encode() From 081bc6868c7f82ca766e35b2fe5ef1bceede7d6f Mon Sep 17 00:00:00 2001 From: wh0am1i Date: Tue, 26 Nov 2024 16:15:58 +0800 Subject: [PATCH 4/4] remove: debug --- pocsuite3/modules/listener/bind_tcp.py | 4 ---- 1 file changed, 4 deletions(-) diff --git a/pocsuite3/modules/listener/bind_tcp.py b/pocsuite3/modules/listener/bind_tcp.py index be112b34..736840f5 100644 --- a/pocsuite3/modules/listener/bind_tcp.py +++ b/pocsuite3/modules/listener/bind_tcp.py @@ -11,10 +11,6 @@ from pocsuite3.lib.core.common import check_port from pocsuite3.lib.core.data import conf, logger -print(sys.version_info) -if sys.version_info <= (3, 12): - import telnetlib - def read_inputs(s): buffer = []
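Review bot: `wait_msg` spins forever once the peer closes: `conn.recv(1024)` then returns `b''` on every call without raising, the substring test never matches, and the `while True` loop never exits. Two smaller problems sit in the same loop: a prompt split across two recv chunks is missed because each chunk is tested on its own, and `except Exception: pass` hides socket errors and timeouts so the caller cannot know whether the prompt was ever seen. Accumulating into a buffer, returning on an empty read and reporting the outcome fixes all three; the two call sites in the next hunk can then test it, e.g. `if not wait_msg(tn, 'login: '): return False`. The function name and the `inputs` parameter are kept so existing callers are unaffected.
```python
def wait_msg(conn, inputs):
    """Read from conn until the lowercased data seen so far contains inputs.

    Returns True once the prompt was seen, False if the peer closed the
    connection or a socket error/timeout occurred.
    """
    seen = ''
    try:
        while inputs not in seen:
            chunk = conn.recv(1024)
            if not chunk:
                # recv() keeps returning b'' after the peer closes; do not spin
                return False
            seen += chunk.decode('utf-8', errors='ignore').lower()
    except OSError as e:
        logger.error(str(e))
        return False
    return True
```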
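Review bot: This deletion removes more than the debug print: the guarded `import telnetlib` was the only module-level binding of that name, and `read_results` still evaluates `isinstance(conn, telnetlib.Telnet)` whenever `sys.version_info <= (3, 12)` is true. On Python 3.11 and older every call to read_results therefore raises NameError, because the `import telnetlib` left inside bind_telnet_shell binds only a function local (assuming nothing else in the module imports it, which this hunk does not show). Keep the conditional import here and drop just the print: `if sys.version_info < (3, 13):` / `    import telnetlib`. `import sys` remains needed for the version checks that survive in read_results and bind_telnet_shell.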