utils.py
#!/usr/bin/python
# -*- coding: ascii -*-
#---------------------------------------------------------
# My small python exploitation library
#---------------------------------------------------------
# This function is a shortcut for adding a constant
# 'offset' to an address.
# It is useful, for example, when a format string
# vulnerability leaks an address and we want to embed
# that address +/- some constant in our exploit.
#
# address: 0xbfffff789 ( String )
# offset: 0xd5 ( Hex-Integer )
# sign: +/- ( you want to add or subtract the constant? (Char) )
# ret -> 0xbfffff85e ( String )
#
# Finally, you can use struct.pack('<I', 0xbffff85e)
# to get '\x89\xff\xff\xbf' to embed in your exploit.
#
import socket
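def add_to_address(address, sign, offset):
    """Return *address* shifted by *offset*, formatted as a hex string.

    address: hex string such as "0xbffff789" (parsed with int(address, 16)).
    sign:    '+' to add the offset, '-' to subtract it.
    offset:  integer amount to add or subtract.

    Example: add_to_address("0xbffff789", "+", 0xd5) -> "0xbffff85e".
    Any other sign prints "[Fatal] sign error" and returns "".
    Raises ValueError if *address* is not a valid base-16 string.
    """
    # Reject an unknown sign before parsing, so a bad sign is reported
    # the same way regardless of what the address string contains.
    if sign not in ('+', '-'):
        # The parenthesised form prints the same text on Python 2 and 3.
        print("[Fatal] sign error")
        return ""
    value = int(address, 16)
    delta = offset if sign == '+' else -offset
    # Python 2 appends 'L' to hex() only when the value is a long.
    # Slicing off the last character unconditionally dropped a real hex
    # digit whenever the result was a plain int, so strip only the suffix.
    return hex(value + delta).rstrip('L')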
# Given a server and a port return
# a socket connected to that server at that
# port ( woah! )
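def give_me_a_socket(server, port):
    """Return a socket connected to (server, port).

    server: host name or address string passed to socket.connect().
    port:   integer port number.

    The socket is created with socket.socket() defaults and no timeout
    is set here, so connect() follows the process-wide default timeout.
    Any exception raised by connect() is propagated to the caller, who
    also owns the returned socket and is responsible for closing it.
    """
    s = socket.socket()
    try:
        s.connect((server, port))
    except Exception:
        # Do not leave a half-open descriptor behind when connect fails.
        s.close()
        raise
    return s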
# Given a start address ( String ) this function will return
# the next address. ( String )
# Useful to create address bruteforcer
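def address_generator(address):
    """Yield consecutive addresses as hex strings, starting at *address*.

    address: hex string such as "0xbffff789" (parsed with int(address, 16)).

    The first value yielded is the start address itself; each following
    value is one higher. The generator never terminates, so the caller
    must bound the iteration (for example with itertools.islice).
    Parsing happens on the first next() call, so an invalid address
    raises ValueError there rather than at construction time.
    """
    current = int(address, 16)
    while True:
        # Python 2 renders longs as '0x...L'; strip that suffix so the
        # strings have the same form as those from add_to_address().
        yield hex(current).rstrip('L')
        current += 1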