• Stars
    star
    305
  • Rank 136,879 (Top 3 %)
  • Language
    Python
  • Created over 5 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Automatic exploit generation for simple linux pwn challenges.

Ropstar

Exploits simple linux bof challenges involving alsr, nx and to some extend format strings. You can let it get you a shell or specify a win function that is called.

asciicast

Install

mkvirtualenv sploit
pip install -r requirements.txt
  • Requires python3
  • Expects local installation of libcdatabase in /home/user/tools/libcdatabase. To run local exploits make sure you add your local libc to libcdatabase (32-bit & 64-bit versions). Also in ~/tools you need a clone of ROPgadget (used for static binary exploitation).

Examples

Exploit local binary:

python ropstar.py <name>

Run remote:

python ropstar.py <name> -rhost <address> -rport <port>

Limitations

  • a lot, this a just a PoC, expect it to crash on most targets
  • we assume we can write enough bytes to put our payload after the return pointer overwrite - when this is not then case ropstar fails

Tested on

Help on this project is welcome! Contact me on twitter: @xct_de.