Exploit Primitive Platform
Welcome to Red Canary's Exploit Primitive Platform!
This project helps researchers, red teamers, and defenders better understand exploitation techniques for Linux by providing an intentionally vulnerable service with ready-to-use exploit primitives like stack-out-of-bounds, arbitrary-write, and arbitrary-read vulnerabilities.
Using these primitives, you can try your hand at testing, or advancing, attack techniques like fileless, in-memory remote code execution. This is useful for advancing the state of the art when it comes to tradecraft, while also enabling teams to test real-world scenarios to determine if their existing security investments prevent, detect or even observe these attacks.
Usage
Build the project.
make
Run the vulnerable service on a non-production system (it’s an exploitable service).
build/_X86_64/epp LHOST LPORT
On the same system, or another system with network connectivity to the target system, run an example script to exploit a vulnerability and run untrusted code. For example, to exploit the stack-out-of-bounds and arbitrary-read primitives in order to execute malicious code entirely in the process memory of the vulnerable service (fileless), run the following command:
./examples/remote_command_execution.py RHOST RPORT ~/YOUR_RAW_SHELLCODE
./examples/remote_code_execution.py RHOST RPORT ~/YOUR_RAW_SHELLCODE
Note: Raw shellcode can be generated using frameworks like Metasploit (see here).
Contributing
We are open to contributions for both examples and primitives.