danieljs777 / fastoverflowtk

Licence: other
This Buffer Overflow Toolkit works through the FTP, SMTP, POP and HTTP protocols, as well as file outputs for playlists, exploiting customized variables/commands. Payloads can be generated through MSFVENOM or you can use your own ASM files.

Programming Languages

python
Smarty

Projects that are alternatives of or similar to fastoverflowtk

BFS2019
Bluefrost Exploitation Challenge 2019 - Exploit and Writeup
Stars: ✭ 20 (+25%)
Mutual labels:  exploitation, buffer-overflow
Jiraffe
One stop place for exploiting Jira instances in your proximity
Stars: ✭ 157 (+881.25%)
Mutual labels:  exploitation
SAP vulnerabilities
DoS PoC's for SAP products
Stars: ✭ 47 (+193.75%)
Mutual labels:  buffer-overflow
kahoot-tools
A website for interacting with kahoot games.
Stars: ✭ 63 (+293.75%)
Mutual labels:  exploitation
readhook
Red-team tool to hook libc read syscall with a buffer overflow vulnerability.
Stars: ✭ 31 (+93.75%)
Mutual labels:  buffer-overflow
Kroha
A small language makes assembly less painful.
Stars: ✭ 30 (+87.5%)
Mutual labels:  nasm
DevBrute-A Password Brute Forcer
DevBrute is a Password Brute Forcer. It can brute force almost all Social Media Accounts or any Web Application.
Stars: ✭ 91 (+468.75%)
Mutual labels:  exploitation
LBFH
All-in-one tool for Information Gathering, Vulnerability Scanning and Crawling. A must-have tool for all penetration testers
Stars: ✭ 46 (+187.5%)
Mutual labels:  exploitation
reverse shell nasm
No description or website provided.
Stars: ✭ 15 (-6.25%)
Mutual labels:  nasm
OverRide
Binary Exploitation and Reverse-Engineering (from assembly into C)
Stars: ✭ 69 (+331.25%)
Mutual labels:  exploitation
titanm
This repository contains the tools we used in our research on the Google Titan M chip
Stars: ✭ 149 (+831.25%)
Mutual labels:  exploitation
raptor infiltrate19
#INFILTRATE19 raptor's party pack
Stars: ✭ 27 (+68.75%)
Mutual labels:  buffer-overflow
ARM-episodes
Arm Episodes
Stars: ✭ 75 (+368.75%)
Mutual labels:  exploitation
src
This is the source of our Return Oriented Programming tool.
Stars: ✭ 14 (-12.5%)
Mutual labels:  buffer-overflow
PXXTF
Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨
Stars: ✭ 23 (+43.75%)
Mutual labels:  exploitation
NTU-Computer-Security
NTU Computer Security - Pwn slides, videos, homework problems and solutions - Computer Security Fall 2019 @ CSIE NTU Taiwan
Stars: ✭ 293 (+1731.25%)
Mutual labels:  exploitation
exploits
Some of my public exploits
Stars: ✭ 50 (+212.5%)
Mutual labels:  exploitation
contextual
Contextual Bandits in R - simulation and evaluation of Multi-Armed Bandit Policies
Stars: ✭ 72 (+350%)
Mutual labels:  exploitation
SubRosa
Basic tool to automate backdooring PE files
Stars: ✭ 48 (+200%)
Mutual labels:  exploitation
cmake-nasm-test
Building a nasm hello world app with cmake
Stars: ✭ 18 (+12.5%)
Mutual labels:  nasm

FastOverflow ToolKit

I started writing this toolkit whilst studying Buffer Overflow Techniques.

It works through the FTP, SMTP, POP and HTTP protocols, as well as file outputs for playlists, exploiting customized variables/commands, and supports the Vanilla (classic) buffer overflow technique, SEH bypass and egghunting. Additionally, the toolkit makes use of session files and you can restore your walkthrough by default.

This toolkit is composed of a memory fuzzer, BadChars testing, exploitation process automation, and soon I will FULLY release the Exploit Generator (right now only Vanilla Exploit Generation). I intend to keep this project very active. Please pull changes before any use.

The toolkit is NOT RECOMMENDED for script kiddies!

Payloads can be generated through MSFVENOM (shell_reverse_tcp / meterpreter_reverse_tcp) OR you can use your own ASM files.

Prerequisites

Python 3.8, Metasploit, nasm, nasm_shell

Usage:

Default options : 

fast_overflow.py -m [MODE] [-o PLATFORM] [-h HOST] [-p PORT] [-f FIELD] [-U USER] [-P PASS] [-i LOCALIP] [-l LOCALPORT] 

 -m, --mode=MODE           Specify mode for buffer overflow. Accepted : ftp | http | popsmtp | file
 -o, --os=PLATFORM         Target OS Platform for shellcode. Accepted: windows | unix | linux | mac
 -h, --host=HOST           Target to attack. Not used in FILE mode
 -p, --port=PORT           Port to attack. Not used in FILE mode
 -f, --fields=FIELD        Set fields to exploit: user, pass, stor, cookie, user-agent. Separate multiple by commas
 -v, --http-verb=HTTPVERB  Set HTTP method to exploit: GET, HEAD, POST, TRACE, etc. Default: HEAD
 -u, --http-uri=HTTPURI    Set HTTP uri to exploit. Default: /
 -i, --lip=LOCALIP         Local IP for shellcode
 -l, --lport=LOCALPORT     Local Port for shellcode
 -U, --auth-user=USER      User for auth. Default: user
 -P, --auth-pass=PASS      Pass for auth. Default: user

Testing

This tool was tested successfully in Python 3.8 against WarFTPd, Ability FTP Server, SLMail, Konica Minolta, Kolibri and some video players. NOT FULLY SUPPORTED ON PYTHON 2. Improvements needed.

Authors

License

This project is licensed under the MIT License
