Welcome to CodeTest

👉关于本项目

本项目的主要目的：针对日常收集的Python POC\EXP测试脚本，使用可视化界面统一执行入口，方便运行。

本项目适合人群：有Python基础的渗透测试人员（工具自带简易编辑器，可修改脚本内参数，重新加载后可灵活使用脚本进行测试）

可视化界面开发库：Tkinter

💡POC\EXP 参考链接

https://github.com/Ascotbe/Medusa
https://github.com/zhzyker/vulmap

📖使用说明

# 下载文件
git clone https://github.com/xkx518/CodeTest.git
cd CodeTest
# 安装依赖
pip3 install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple
注意: Python\Python36\Lib\site-packages，找到这个路径，下面有一个文件夹叫做crypto,将小写c改成大写C
# 使用工具
双击 CodeTest.pyw
pythonw3 CodeTest.pyw

###如果GitHub图片显示不出来，修改hosts

C:\Windows\System32\drivers\etc\hosts

在文件末尾添加
# GitHub Start 
192.30.253.112    Build software better, together 
192.30.253.119    gist.github.com
151.101.184.133    assets-cdn.github.com
151.101.184.133    raw.githubusercontent.com
151.101.184.133    gist.githubusercontent.com
151.101.184.133    cloud.githubusercontent.com
151.101.184.133    camo.githubusercontent.com
151.101.184.133    avatars0.githubusercontent.com
151.101.184.133    avatars1.githubusercontent.com
151.101.184.133    avatars2.githubusercontent.com
151.101.184.133    avatars3.githubusercontent.com
151.101.184.133    avatars4.githubusercontent.com
151.101.184.133    avatars5.githubusercontent.com
151.101.184.133    avatars6.githubusercontent.com
151.101.184.133    avatars7.githubusercontent.com
151.101.184.133    avatars8.githubusercontent.com

 # GitHub End

🏁模板

POC

def check(**kwargs):
	url = kwargs['url']#/*str*/
	port = kwargs['port']#/*str*/
	print('输出结果')
	print(url)
	print(port)
	if True:
		return 1
	else:
		return

EXP

import CodeTest
from ClassCongregation import _urlparse
#VULN = None => 漏洞测试
#VULN = True => 命令执行
CodeTest.VULN = None

def check(**kwargs):
    if CodeTest.VULN == None:
        ExpApacheShiro = ApacheShiro(_urlparse(kwargs['url']),"echo VuLnEcHoPoCSuCCeSS")
    else:
        ExpApacheShiro = ApacheShiro(_urlparse(kwargs['url']),kwargs['cmd'])
    if kwargs['pocname'] == "cve_2016_4437":
        ExpApacheShiro.cve_2016_4437()
    else:
        ExpApacheShiro.cve_2016_4437()