It can be used both locally and remotely (indicating IP and port)

Overview
    ____                 ________  __________            __
   / __ \_      ______  / ____/ /_/ __/_  __/___  ____  / /
  / /_/ / | /| / / __ \/ /   / __/ /_  / / / __ \/ __ \/ / 
 / ____/| |/ |/ / / / / /___/ /_/ __/ / / / /_/ / /_/ / /  
/_/     |__/|__/_/ /_/\____/\__/_/   /_/  \____/\____/_/   
                                                           
                By: DiegoAltF4 and Dbd4

Tool for ret2win challenges.

It can be used both locally and remotely (by specifying an IP and port). It automatically finds the offset to the instruction pointer saved on the stack.

It can be configured to return a shell. By default, it prints the data received over the connection (a possible flag). It can also display the offset to the instruction pointer on the stack, and it supports x86 in both 32-bit and 64-bit. The exploit can be debugged by attaching GDB.

Basic usage:

./PwnCtfTool.py -f vuln.bin -t flag_func

Auto PWN tool for CTF

optional arguments:
  -h, --help   show this help message and exit
  -vv          Max Verbose (debug)
  -v           Verbose (info)
  -g           Attach GDB
  -f FILE      File to PWN
  -t TARGET    Target Function
  --offset     Print offset Instruction Pointer
  --shell      Stay interactive
  --remote     Exploit remote server

Installation:

git clone https://github.com/Diego-AltF4/PwnCtfTool.git
cd ./PwnCtfTool
pip3 install -r requirements.txt
chmod +x PwnCtfTool.py
./PwnCtfTool.py

Acknowledgements

David Billhardt

Created by DiegoAltF4 and Dbd4
