FastPwn

V2.1 新增 [Auto_PerUti.py] 主要用于针对持久化控制目标主机后通过Tmux进行的的一个自动化flag获取、提交管理操作当前的FastPwn缺点也很明显，当有些程序不能长时间挂起时，我们的持久化控制也将失效，即只可以单次利用.....

exploit

❯ python exploit.py 
❯ python exploit.py [exp_mod] 
❯ python exploit.py [Ip] [Port]
❯ python exploit.py [Ip] [Port] [exp_mod]


# Edit values:
      - RemPro()
           - elf_addr
           - pro_libc
           - enable_Onegadgets
      - exp()

Dynamic presentation

Awd-Exploit

❯ python Autopwn.py [exp_mod] 

# Tmux_Useing    : 
❯ tmux ls
❯ tmux a -t tmux_id

# Edit values:
     - main()
          - ip & port & cmd & flag_head
          - ip和port 同时决定着tmux会话的创建规则
          - attack():
              - 发送cat flag前的接收参数
              - Submit_flag()
                   - url
                   - headers {Token & Content-type}
                   - data （接收反馈时的编码问题）

Dynamic presentation

Auto_PerUti.py

# Bash_Useing
❯ python Auto_PerUti.py 
[T.T] Flag提交错误!
XCCTF{22ee2bc5dcc3afe1255e1db441004a35a9e9dd2d}
[+] Content : {"error":40307,"msg":"Flag 错误！"}

[T.T] Flag提交错误!
XCCTF{8e0b2348b5365a5b5fabd638f317bb226edf421d}
[+] Content : {"error":40307,"msg":"Flag 错误！"}

[T.T] Flag提交错误!

Name		Name	Last commit message	Last commit date
Latest commit History 11 Commits
Awd-Exploit		Awd-Exploit
AllMod.py		AllMod.py
README.md		README.md
exploit.py		exploit.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Awd-Exploit

Awd-Exploit

AllMod.py

AllMod.py

README.md

README.md

exploit.py

exploit.py

Repository files navigation

FastPwn

exploit

Dynamic presentation

Awd-Exploit

Dynamic presentation

Auto_PerUti.py

About

Releases

Packages

Languages

da1sy/FastPwn

Folders and files

Latest commit

History

Repository files navigation

FastPwn

exploit

Dynamic presentation

Awd-Exploit

Dynamic presentation

Auto_PerUti.py

About

Topics

Resources

Stars

Watchers

Forks

Languages