What is Buff?
A simple BOF library I wrote under an hour to help me automate with BOF attack.
It comes with fuzzer and a generic method to generate exploit easily.
Not all the methods are documented yet as I do not have time now. Feel free to read the code, it's very small code-base anyway :)
Usage
I made a template as well.
Setup Runner
import buff
runner = buff.Buff(target = ("127.0.0.1", 1337), prefix = "", postfix = "")
Fuzzer
runner.fuzz()
# you can set timeout, step_size, and sleep seconds
runner.fuzz(timeout = 5, step_size = 1000, sleep = 3)
# use custom fuzzer
def fuzzer(target: (str, int), timeout: int, prefix: str = "", postfix: str = "", step_size: int = 100, sleep: int = 1):
...
runner.setFuzzer(fuzzer)
Sending Pattern
runner.sendPattern()
Find Pattern Offset
BUFFER_SIZE = 2400
offset = buff.generator.findPatternOffset(BUFFER_SIZE, "386F4337")
print(offset)
Sending Bad Characters
runner.setBufferSize(2400)
runner.setEipOffset(1978)
runner.sendBadChars()
# you can also exclude by
runner.sendBadChars(exclude = ["\x42", "\x43"])
# change default EIP placeholder
runner.sendBadChars(fake_eip = "\x44\x44\x44\x44")
Sending Exploit
# Set buffer size
runner.setBufferSize(2400)
# Set EIP offset
runner.setEipOffset(1978)
# Set return address
eip_address = "\xaf\x11\x50\x62"
runner.setEipAddress(eip_address)
# Set padding
runner.setPaddingSize(16)
# Set exploit
exploit = ("\xdb\xde.....")
runner.setExploit(exploit)
runner.sendExploit()
13 Oct 28, 2022
47 Dec 21, 2022
115 Dec 07, 2022
3 Oct 05, 2022
76 Nov 09, 2022
826 Jan 01, 2023
153 Nov 09, 2022
![Trewis [work] Scotch](https://avatars.githubusercontent.com/u/92666826?v=4&s=60)
4 Sep 23, 2022
20 Dec 02, 2022
70 Jun 21, 2022
3 Dec 22, 2021
11 Sep 10, 2022
7 Nov 17, 2022
6.7k Jan 05, 2023
56 Mar 25, 2022
2.1k Jan 08, 2023
9.4k Jan 04, 2023
2 Nov 24, 2022
3 Aug 10, 2022
59 Dec 01, 2022