These are 7 simple python scripts + a methodology easing the exploitation.
14
+
These are 7 simple python scripts and a methodology **to ease** (not *automate* !) the exploitation.
12
15
Each script targets a phase of the exploitation :
13
16
14
17
1. Trigger the BoF (this is facultative for OSCP since they give you a code snippet)
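Review bot: In the added intro line, the hard-coded count in "These are 7 simple python scripts" will go stale as soon as a script is added or removed, "python" should be capitalised, and the space before "!" in "(not *automate* !)" should be dropped. Something like "These Python scripts and a methodology **to ease** (not *automate*!) the exploitation." avoids all three. Since this paragraph is being touched anyway, the unchanged step 1 line uses "facultative", where "optional" is the usual English word.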
@@ -23,13 +26,27 @@ It's based on the [do stack buffer overflow good](https://github.com/justinsteve
23
26
24
27
## How to use
25
28
26
-
Follow each step and you'll be able to craft a working example of a BoF exploitation
29
+
Follow each step and you'll be able to craft a working example of a BoF exploitation.
30
+
31
+
All the specific variable are stored in [1 single resource file](PARAMETERS.py),
32
+
to avoid any confusion during the exam.
33
+
34
+
After each step, fill the proper variables with values found and they'll be re-used for the next step
27
35
28
36
Note: If after each debug operation performed, the application has become unresponsive; Immunity Debugger should be closed first, then the "vulnapp.exe" application should be restarted, and Attach and Run should be done on Immunity Debugger.
29
37
38
+
## 0. Pre-start
39
+
40
+
Fill in the following variables in the [resource file](PARAMETERS.py) depending on the host to attack :
41
+
*``RHOST`` : the IP address of the host
42
+
*``RPORT`` : the port on which to access the application to exploit
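Review bot: In the new "## 0. Pre-start" section, the two bullet lines for RHOST and RPORT have no space between the `*` marker and the backticked name, so Markdown will not render them as list items; put a space after each `*`. In the "How to use" additions, "All the specific variable are stored" should read "variables", the sentence ending "they'll be re-used for the next step" is missing its full stop, and the link text "1 single resource file" would read better as "a single resource file". It would also help to state here what format RHOST and RPORT are expected in (string or integer), since every later script reuses them from PARAMETERS.py.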