chore: add testcase & update docs

knownsec · Sep 9, 2021 · 48bb559 · 48bb559
1 parent 5339ebd
commit 48bb559
Show file tree

Hide file tree

Showing 7 changed files with 63 additions and 8 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -257,3 +257,8 @@ Cross-platform shell code generation
 # version 1.8.3
 -----------------
 * some improvements related to dependent
+
+# version 1.8.4
+-----------------
+* update docs
+* fix typo
diff --git a/docs/CODING.md b/docs/CODING.md
@@ -350,16 +350,18 @@ from pocsuite3.api import OptString, OptDict, OptIP, OptPort, OptBool, OptIntege
 
     if hashlib.new('md5', token).hexdigest() in content:
         result['VerifyInfo'] = {}
-        result['VerifyInfo']['URL'] = self.url + payload
+        result['VerifyInfo']['URL'] = self.url
 
 检测 XSS 漏洞时：
+    # 可参考 https://paper.seebug.org/1119/
+
     token = random_str()
     payload = 'alert("%s")' % token
     ...
 
-    if hashlib.new('md5', token).hexdigest() in content:
+    if payload in content:
         result['VerifyInfo'] = {}
-        result['VerifyInfo']['URL'] = self.url + payload
+        result['VerifyInfo']['URL'] = self.url
 
 检测 PHP 文件上传是否成功：
 
@@ -369,7 +371,7 @@ from pocsuite3.api import OptString, OptDict, OptIP, OptPort, OptBool, OptIntege
 
     if hashlib.new('md5', token).hexdigest() in content:
         result['VerifyInfo'] = {}
-        result['VerifyInfo']['URL'] = self.url+payload
+        result['VerifyInfo']['URL'] = self.url
 ```
 
 8. 任意文件如果需要知道网站路径才能读取文件的话，可以读取系统文件进行验证，要写 Windows 版和 Linux 版两个版本。

diff --git a/manpages/poc-console.1 b/manpages/poc-console.1
@@ -31,7 +31,7 @@ is maintained at:
 .I https://github.com/knownsec/pocsuite3/blob/master/docs/USAGE.md
 .PP
 .SH VERSION
-This manual page documents pocsuite version 1.8.3
+This manual page documents pocsuite version 1.8.4
 .SH AUTHOR
 .br
 (c) 2014-2021 by Knownsec 404 Team

diff --git a/manpages/pocsuite.1 b/manpages/pocsuite.1
@@ -250,7 +250,7 @@ is maintained at:
 .I https://github.com/knownsec/pocsuite3/blob/master/docs/USAGE.md
 .PP
 .SH VERSION
-This manual page documents pocsuite version 1.8.3
+This manual page documents pocsuite version 1.8.4
 .SH AUTHOR
 .br
 (c) 2014-2021 by Knownsec 404 Team

diff --git a/pocsuite3/__init__.py b/pocsuite3/__init__.py
@@ -1,5 +1,5 @@
 __title__ = 'pocsuite'
-__version__ = '1.8.3'
+__version__ = '1.8.4'
 __author__ = 'Knownsec Security Team'
 __author_email__ = 's1@seebug.org'
 __license__ = 'GPL 2.0'

diff --git a/setup.py b/setup.py
@@ -14,7 +14,7 @@ def find_packages(where='.'):
 
 setup(
     name='pocsuite3',
-    version='1.8.3',
+    version='1.8.4',
     url='http://pocsuite.org',
     description='Pocsuite is an open-sourced remote vulnerability testing framework developed by the Knownsec Security Team.',
     long_description="""\

diff --git a/tests/test_check_install_requires.py b/tests/test_check_install_requires.py
@@ -0,0 +1,48 @@
+import unittest
+from pocsuite3.lib.core.register import PocLoader
+
+
+class TestCase(unittest.TestCase):
+    def setUp(self):
+        pass
+
+    def test_module_is_none(self):
+        p = PocLoader('testcase', 'testcase')
+        p.set_data('''install_requires = ['', ""]''')
+        p.check_requires(p.data)
+
+    def test_built_in_module(self):
+        p = PocLoader('testcase', 'testcase')
+        p.set_data('''install_requires = ['os', 'sys']''')
+        p.check_requires(p.data)
+
+    def test_normal_module(self):
+        p = PocLoader('testcase', 'testcase')
+        p.set_data('''install_requires = ['setuptools']''')
+        p.check_requires(p.data)
+
+    def test_module_include_version(self):
+        p = PocLoader('testcase', 'testcase')
+        p.set_data('''install_requires = ['setuptools==51.1.2']''')
+        p.check_requires(p.data)
+
+        p.set_data('''install_requires = ['setuptools~=51.1.2']''')
+        p.check_requires(p.data)
+
+        p.set_data('''install_requires = ['setuptools>=51.1.2']''')
+        p.check_requires(p.data)
+
+        p.set_data('''install_requires = ['setuptools<=51.1.2']''')
+        p.check_requires(p.data)
+
+    def test_import_name_and_install_name_are_inconsistent(self):
+        p = PocLoader('testcase', 'testcase')
+        p.set_data('''install_requires = ['BeautifulSoup4>=4.9.1:bs4']''')
+        try:
+            p.check_requires(p.data)
+        except SystemExit:
+            pass
+
+
+if __name__ == '__main__':
+    unittest.main()