It can be used both locally and remotely (indicating IP and port)

Related tags

NetworkingPwnCtfTool
Overview
    ____                 ________  __________            __
   / __ \_      ______  / ____/ /_/ __/_  __/___  ____  / /
  / /_/ / | /| / / __ \/ /   / __/ /_  / / / __ \/ __ \/ / 
 / ____/| |/ |/ / / / / /___/ /_/ __/ / / / /_/ / /_/ / /  
/_/     |__/|__/_/ /_/\____/\__/_/   /_/  \____/\____/_/   
                                                           
                By: DiegoAltF4 and Dbd4

Tool for ret2win challenges.

It can be used both locally and remotely (indicating IP and port). It automatically finds the offset to the Instruction Pointer stored in the stack.

It can be configured to return a shell. By default, it prints the data received by the connection (possible flag). It also allows to display the offset to the instruction pointer in the stack and supports x86 architecture in both 32-bit and 64-bit. It can be used to debug the exploit with GDB.

Basic usage:

./PwnCtfTool.py -f vuln.bin -t flag_func

Auto PWN tool for CTF
optional arguments:
  -h, --help show this help message and exit
  -vv Max Verbose (debug)
  -v Verbose (info)
  -g Attach GDB
  -f FILE File to PWN
  -t TARGET Target Function
  --offset Print offset Instruction Pointer
  --shell Stay interactive
  --remote Exploit remote server

Installation:

git clone https://github.com/Diego-AltF4/PwnCtfTool.git
cd ./PwnCtfTool
pip3 install -r requirements.txt
chmod +x PwnCtfTool.py
./PwnCtfTool.py

Acknowledgements


David Billhardt

Created by DiegoAltF4 and Dbd4

Owner
DiegoAltF4
DiegoAltF4
InfraGenie is allows you to split out your infrastructure project into separate independent pieces, each with its own terraform state.

🧞 InfraGenie InfraGenie is allows you to split out your infrastructure project into separate independent pieces, each with its own terraform state. T

Digger 53 Nov 23, 2022
This is a python based command line Network Scanner utility, which input as an argument for the exact IP address or the relative IP Address range you wish to do the Network Scan for and returns all the available IP addresses with their MAC addresses on your current Network.

This is a python based command line Network Scanner utility, which input as an argument for the exact IP address or the relative IP Address range you wish to do the Network Scan for and returns all t

Abhinandan Khurana 1 Feb 09, 2022
A simple chat room using socket and threading for handle multiple connections.

• Socket Chat Room was a little project for socket study. It works with a server handling the incoming connections from the clients. Clients send encoded messages while waiting for others clients mes

Guilherme de Oliveira 2 Mar 03, 2022
Arp-spoofing, this script was written for people who want to spoof any vulnerable machine such as Wİndows, of course it could have been more sophisticatedly created but these repos will be updated constantly

ARP-SPOOF ARP spoofing is a type of attack in which a malicious actor sends falsified ARP (Address Resolution Protocol) messages over a local area net

2 Dec 28, 2021
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more

FullHunt 3.2k Jan 02, 2023
Makes dynamically updating your Cloudflare DNS records a bit easier ⏩👍😎

Easy Dynamic Cloudflare DNS Updater Makes dynamically updating your Cloudflare DNS records a bit easier ⏩ 👍 😎 If using it as a 'Dynamic DNS' client,

Zac Koch 3 Dec 19, 2021
SonicWall SSL-VPN Exploit

VisualDoor SonicWall SSL-VPN Exploit, as used by Phineas Fisher to hack Cayman Trust Bank and Hacking Team.

169 Nov 15, 2022
A simple tcpdump sidecar injector to demonstrate Kubernetes's Mutating Webhook

k8s-tcpdump-webhook A simple tcpdump sidecar injector to demonstrate Kubernetes's Mutating Webhook Build and Deploy Build docker image; docker build -

Bilal Ünal 2 Sep 01, 2022
CSP-style concurrency for Python

aiochan Aiochan is a library written to bring the wonderful idiom of CSP-style concurrency to python. The implementation is based on the battle-tested

Ziyang Hu 127 Dec 23, 2022
Simple Port Scanner script written in Python, plans is to expand upon this script to turn it into a GUI based pen testing suite

PortScanner Simple Port Scanner script written in Python, plans is to expand upon this script to turn it into a GUI based pen testing suite. #IMPORTAN

1 Oct 23, 2021
Connects to databases or sftp server based on configured environmental variables.

Myconnections Connects to Oracle databases or sftp servers depending on configured environmental variables. VERY IMPORTANT: VPN must exist. Installati

0 Jan 02, 2022
The sequel to SquidNet. It has many of the previous features that were in the original script, however a lot of the functions that do not serve much functionality have been removed.

SquidNet2 The sequel to SquidNet. It has many of the previous features that were in the original script, however a lot of the functions that do not se

DrSquidX 5 Mar 25, 2022
Out-of-box Python RPC framework

typed-jsonrpc Out-of-box Python RPC framework. WIP. Make LSP easy for everyone. The conception of final usage: from typed_jsonrpc import * ls = Langu

Taine Zhao 4 Dec 28, 2021
A Python package for handling free proxies from sslproxies.org

SSLProxies Get free working proxy from https://www.sslproxies.org/ and use it in your script This is a port/rewrite of free-proxy with additional feat

Nate Harris 2 Mar 17, 2022
Exfiltrate files using the HTTP protocol version ("HTTP/1.0" is a 0 and "HTTP/1.1" is a 1)

http-protocol-exfil Use the HTTP protocol version to send a file bit by bit ("HTTP/1.0" is a 0 and "HTTP/1.1" is a 1). It uses GET requests so the Blu

Ricardo Ruiz 23 Apr 30, 2022
Pesquise, filtre e obtenha informações sobre animes. ( Módulo PIP )

Pesquise, filtre e obtenha informações sobre animes. ( Módulo PIP )

AimCaffe 3 Jan 30, 2022
pureSxS - A tool to export Component Based Servicing packages from a full Windows installation

pureSxS A tool to export Component Based Servicing packages from a full Windows installation. Usage pureSxS.py source_mum destination pureSxS wor

Gamers Against Weed 3 Oct 03, 2022
FramIp - it a framework for work at IP and domain

FramIp FramIp - it a framework for work with IP and domain Installation (termux) $ pkg install git && pkg install python && git clone https://github.c

1 Jan 28, 2022
Openconnect VPN RPi Gateway

Openconnect-VPN-RPi-Gateway See the blog (Chinese) for how to build an Openconne

Zhongze Tang 2 Jan 30, 2022
Lets you remove all friends, leave GCs, and leave servers, in an instant!

anonymity Lets you remove all friends, leave GCs, and leave servers, in an instant! You can also do each of them by themselves. First, you need to get

1 Dec 07, 2021