The upper right corner of the above picture shows the Run, Save, and Refresh buttons, which are used to debug PoC scripts. The syntax of the script is similar to Golang. The **cvs structure** in the picture will be automatically generated by the CVS scanner based on target.json, without the need for implementation. It is only convenient for testing during debugging and can be declared by oneself. This picture shows the writing process of the CVE-2022-46169 no echo vulnerability test script. CVS IDE provides the **debug function** for printing debugging information, which is compatible with **fmt.Printf** in the go language The usage is shown in the text box below. For vulnerabilities with echoes, the existence of the vulnerability can be confirmed directly by returning true. For scenarios that require some information to be returned, such as password cracking, a string can be returned to save the result, which is located in the info field of the result. json generated by the CVS scanner. The functions in the PoC script are compatible with the help functions of Nuclei, please refer to them for details https://docs.projectdiscovery.io/templates/reference/helper-functions .In addition, CVS also provides a network library, please refer to https://github.com/Safe3/CVS/blob/main/library.md for details,so it is very convenient to convert Nuclei's vulnerability template into CVS's PoC. For more PoC examples, please refer to the yaml file in the poc directory of the CVS scanner.
70
+
The upper right corner of the above picture shows the Run, Save, and Refresh buttons, which are used to debug PoC scripts. The syntax of the script is similar to Golang. The **cvs structure** in the picture will be automatically generated by the CVS scanner based on target.json, without the need for implementation. It is only convenient for testing during debugging and can be declared by oneself.
71
+
72
+
This picture shows the writing process of the CVE-2022-46169 no echo vulnerability test script. CVS IDE provides the **debug function** for printing debugging information, which is compatible with **fmt.Printf** in the go language The usage is shown in the text box below. For vulnerabilities with echoes, the existence of the vulnerability can be confirmed directly by returning true. For scenarios that require some information to be returned, such as password cracking, a string can be returned to save the result, which is located in the info field of the result.json generated by the CVS scanner.
73
+
74
+
The functions in the PoC script are compatible with the help functions of Nuclei, please refer to them for details https://docs.projectdiscovery.io/templates/reference/helper-functions .In addition, CVS also provides a network library, please refer to https://github.com/Safe3/CVS/blob/main/library.md for details,so it is very convenient to convert Nuclei's vulnerability template into CVS's PoC. For more PoC examples, please refer to the yaml file in the poc directory of the CVS scanner.