Merge pull request #14 from wh0am1i/tmp

update actions/checkout version & feat: add html plugins copy result …
knownsec · Apr 28, 2024 · 4b193b9 · 4b193b9
2 parents 25b5b77 + 70f61bb
commit 4b193b9
Show file tree

Hide file tree

Showing 6 changed files with 81 additions and 30 deletions.
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -5,26 +5,28 @@ jobs:
   test:
     strategy:
       matrix:
-        python-version: [3.7, '3.10']
+        python-version: ['3.9', '3.11']
         os: [ubuntu-latest, macos-latest, windows-latest]
     runs-on: ${{ matrix.os }}
     timeout-minutes: 30
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
     - name: Cache for pip
-      uses: actions/cache@v1
+      uses: actions/cache@v4
       id: cache-pip
       with:
         path: ~/.cache/pip
         key: ${{ matrix.os }}-cache-pip
 
     - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v1
+      uses: actions/setup-python@v4
       with:
         python-version: ${{ matrix.python-version }}
 
     - name: Install dependencies & Test
       run: |
+        pip install --upgrade pip
+        pip install --upgrade setuptools
         pip install --upgrade -r requirements.txt
         python setup.py install
-        python test.py
+        python test.py
diff --git a/pocsuite3/__init__.py b/pocsuite3/__init__.py
@@ -1,5 +1,5 @@
 __title__ = 'pocsuite3'
-__version__ = '2.0.8'
+__version__ = '2.0.9'
 __author__ = 'Knownsec 404 Team'
 __author_email__ = '[email protected]'
 __license__ = 'GPLv2'

diff --git a/pocsuite3/lib/controller/controller.py b/pocsuite3/lib/controller/controller.py
@@ -136,8 +136,13 @@ def task_run():
             else:
                 logger.warn("No libpcap is detected, and the poc will continue to execute without fetching the packet")
                 conf.pcap = False
+        info_msg = "running poc:'{0}' target '{1}'".format(
+            poc_name,
+            mosaic(target)
+        )
 
-        info_msg = "running poc:'{0}' target '{1}'".format(poc_name, mosaic(target))
+        if len(kb.targets) > 1:
+            info_msg += ", {0} tasks waiting to be executed.".format(kb.task_queue.qsize())
 
         logger.info(info_msg)
 

diff --git a/pocsuite3/plugins/html_report.py b/pocsuite3/plugins/html_report.py
@@ -86,11 +86,36 @@ def _writer_footer(self):
         self.html.addcontent('<span class="text-muted">{0}</span>'.format(text))
         self.html.div.close()
         self.html.footer.close()
+        self.html.addcontent('<script type="text/javascript">'
+                             'function copyAll() {'
+                             'var targetValue = $("#all-target").val();'
+                             'navigator.clipboard.writeText(targetValue).then(function() {'
+                             'alert("复制成功");'
+                             '}, function(err) {'
+                             'alert("复制失败");'
+                             '});'
+                             '}'
+                             '</script>')
+        self.html.addcontent('<script type="text/javascript">'
+                             'function copySuc() {'
+                             'var targetValue = $("#suc-target").val();'
+                             'navigator.clipboard.writeText(targetValue).then(function() {'
+                             'alert("复制成功");'
+                             '}, function(err) {'
+                             'alert("复制失败");'
+                             '});'
+                             '}'
+                             '</script>')
+
         self.html.body.close()
         self.html.html.close()
 
     def write_results(self, results=None):
         if results:
+            self.html.addcontent('<button onclick="copyAll()" class="btn btn-primary" '
+                                 'style="margin-bottom: 10px">复制所有目标</button>')
+            self.html.addcontent('<button onclick="copySuc()" class="btn btn-success"'
+                                 ' style="margin-bottom: 10px">复制成功目标</button>')
             self.html.addcontent('<table class="table table-striped table-bordered table-hover">'
                                  '<thead class="thead-dark"><tr>'
                                  '<th scope="col">Target</th>'
@@ -99,40 +124,59 @@ def write_results(self, results=None):
                                  '<th scope="col">Component</th>'
                                  '<th scope="col">Version</th>'
                                  '<th scope="col">Status</th>'
+                                 '<th scope="col">Extra</th>'
                                  '</tr></thead><tbody>'
                                  )
-            for result in results:
-                content = (
-                    '<tr>'
-                    '<td><a href="{0}" target="_blank">{1}</a></td>'
-                    '<td>{2}</td>'
-                    '<td><a href="https://www.seebug.org/vuldb/ssvid-{3}" target="_blank">{4}</a></td>'
-                    '<td>{5}</td>'
-                    '<td>{6}</td>'
-                    '<td><span class="badge badge-success">{7}</span></td>'
-                    '</tr>'
-                ) if result.status == 'success' else (
-                    '<tr>'
-                    '<td><a href="{0}" target="_blank">{1}</a></td>'
-                    '<td>{2}</td>'
-                    '<td><a href="https://www.seebug.org/vuldb/ssvid-{3}" target="_blank">{4}</a></td>'
-                    '<td>{5}</td>'
-                    '<td>{6}</td>'
-                    '<td><span class="badge badge-secondary">{7}</span></td>'
-                    '</tr>'
-                )
+            all_target = []
+            suc_target = []
 
+            for result in results:
+                all_target.append(result.target)
+                if result.status == 'success':
+                    suc_target.append(result.target)
+                    content = (
+                        '<tr>'
+                        '<td><a href="{0}" target="_blank">{1}</a></td>'
+                        '<td>{2}</td>'
+                        '<td><a href="https://www.seebug.org/vuldb/ssvid-{3}" target="_blank">{4}</a></td>'
+                        '<td>{5}</td>'
+                        '<td>{6}</td>'
+                        '<td><span class="badge badge-success">{7}</span></td>'
+                        '<td>{8}</td>'
+                        '</tr>'
+                    )
+                else:
+                    content = (
+                        '<tr>'
+                        '<td><a href="{0}" target="_blank">{1}</a></td>'
+                        '<td>{2}</td>'
+                        '<td><a href="https://www.seebug.org/vuldb/ssvid-{3}" target="_blank">{4}</a></td>'
+                        '<td>{5}</td>'
+                        '<td>{6}</td>'
+                        '<td><span class="badge badge-secondary">{7}</span></td>'
+                        '<td>{8}</td>'
+                        '</tr>'
+                    )
+                result.result.get('VerifyInfo').pop('URL')
+                extra_info = '/'.join([item for item in result.result.get('VerifyInfo').values()])
                 self.html.addcontent(content.format(result.target,
                                                     result.target,
                                                     result.poc_name,
                                                     result.vul_id,
                                                     result.vul_id,
                                                     result.app_name,
                                                     result.app_version,
-                                                    result.status)
+                                                    result.status,
+                                                    extra_info)
                                      )
 
             self.html.addcontent('</tbody></table>')
+            self.html.addcontent('<textarea id="all-target" style="display:none">{}</textarea>'.format(
+                '\n'.join(all_target)
+            ))
+            self.html.addcontent('<textarea id="suc-target" style="display:none">{}</textarea>'.format(
+                '\n'.join(suc_target)
+            ))
 
     def write_html(self, results=None):
         menus = {

diff --git a/setup.py b/setup.py
@@ -21,7 +21,7 @@ def find_packages(where='.'):
 
 setup(
     name='pocsuite3',
-    version='2.0.8',
+    version='2.0.9',
     url='https://pocsuite.org',
     description='Open-sourced remote vulnerability testing framework.',
     long_description=long_description,

diff --git a/tests/test_api_diy_options.py b/tests/test_api_diy_options.py
@@ -15,7 +15,7 @@ def tearDown(self):
 
     def verify_result(self):
         config = {
-            'url': ['https://www.baidu.com/'],
+            'url': ['http://httpbin.org/post'],
             'poc': [os.path.join(paths.POCSUITE_ROOT_PATH, "../tests/login_demo.py")],
             'username': "asd",
             'password': 'asdss',