Skip to content
forked from da1sy/FastPwn

CTF中Pwn的快速利用模板(包含awd pwn)

Notifications You must be signed in to change notification settings

GUANZH1/FastPwn

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
 
 
 
 
 
 
 
 

Repository files navigation

FastPwn

V2.1 新增 [Auto_PerUti.py] 主要用于针对持久化控制目标主机后通过Tmux进行的的一个自动化flag获取、提交管理操作 当前的FastPwn缺点也很明显,当有些程序不能长时间挂起时,我们的持久化控制也将失效,即只可以单次利用.....

exploit

❯ python exploit.py 
❯ python exploit.py [exp_mod] 
❯ python exploit.py [Ip] [Port]
❯ python exploit.py [Ip] [Port] [exp_mod]


# Edit values:
      - RemPro()
           - elf_addr
           - pro_libc
           - enable_Onegadgets
      - exp()

Dynamic presentation

Awd-Exploit

❯ python Autopwn.py [exp_mod] 

# Tmux_Useing    : 
❯ tmux ls
❯ tmux a -t tmux_id

# Edit values:
     - main()
          - ip & port & cmd & flag_head
          - ip和port 同时决定着tmux会话的创建规则
          - attack():
              - 发送cat flag前的接收参数
              - Submit_flag()
                   - url
                   - headers {Token & Content-type}
                   - data (接收反馈时的编码问题)

Dynamic presentation

Auto_PerUti.py

# Bash_Useing
❯ python Auto_PerUti.py 
[T.T] Flag提交错误!
XCCTF{22ee2bc5dcc3afe1255e1db441004a35a9e9dd2d}
[+] Content : {"error":40307,"msg":"Flag 错误!"}

[T.T] Flag提交错误!
XCCTF{8e0b2348b5365a5b5fabd638f317bb226edf421d}
[+] Content : {"error":40307,"msg":"Flag 错误!"}

[T.T] Flag提交错误!

About

CTF中Pwn的快速利用模板(包含awd pwn)

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%