path: root/sploit/__init__.py
Age  Commit message  Author  Files  Lines
2022-03-13  sploit: cache results of external commands  dusoleil  1  -0/+1

    Rather than caching ELF instantiations, just cache the results of external commands.

    Signed-off-by: dusoleil <howcansocksbereal@gmail.com>
2022-03-13  sploit: add rev module to sploit  dusoleil  1  -0/+1

    Signed-off-by: dusoleil <howcansocksbereal@gmail.com>
2021-09-07  sploit: Clean main import file  Malfurious  1  -2/+8

    The import list is alphabetized and listed one per line, to prevent this from becoming unwieldy as more modules are introduced.

    __all__ has been shown to be redundant, given that explicit imports are now done, so it is removed.

    Signed-off-by: Malfurious <m@lfurio.us>
    Signed-off-by: dusoleil <howcansocksbereal@gmail.com>
2021-09-07  sploit: Add payload builder module  Malfurious  1  -2/+2

    class Payload is a tool for constructing stack-smash payloads and ROP chains. Its design is intended to abstract away some of the more tedious details of crafting a payload.

    Payload utilizes mem.Symtbl internally to optionally manage a collection of named offsets into its own buffer (these are usually in reference to entities appended to the payload via its main API). Alternatively, the API calls to append any entity will return the address of that entity as well.

    Returned (and looked-up) addresses are relative to the beginning of the payload by default. However, when the payload is constructed with a known base address value, these become absolute. This is useful for reusing addresses later in the payload body.

    class Placeholder is designed to be functionally compatible with bytearrays and bytestrings. When constructed, they take the value of 'zero', according to the current arch config. This facility enables some APIs to detect whether a dummy value was passed as a required argument when said argument _may_ be unnecessary in niche situations.

    Signed-off-by: Malfurious <m@lfurio.us>
    Signed-off-by: dusoleil <howcansocksbereal@gmail.com>
2021-09-02  Change behavior for import sploit  dusoleil  1  -0/+1

    The statement import sploit will now import all of the sploit modules under the sploit namespace.

    Signed-off-by: dusoleil <howcansocksbereal@gmail.com>
2021-09-02  Add mem module for calculating memory offsets  dusoleil  1  -1/+1

    Signed-off-by: dusoleil <howcansocksbereal@gmail.com>
2021-09-02  Add arch config module  dusoleil  1  -1/+1

    Add Arch class which specifies wordsize, endianness, alignment, and a nop code for an architecture.

    Add a couple of predefined architectures for x86 and x86_64.

    Add a "configured" architecture which is set to x86_64 by default.

    Added btoi and itob functions which will convert to and from bytes and ints based on the current architecture config.

    Signed-off-by: dusoleil <howcansocksbereal@gmail.com>
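The arch-config design described in the commit above, written out as an added example. This is a hypothetical reimplementation for illustration, not the sploit project's own module: the `Arch` field names, the `set_arch`/`align_up` helpers, the alignment values, and the two's-complement wrapping of negative ints in `itob` are all assumptions; only the concepts (wordsize, endianness, alignment, nop code, a default of x86_64, `btoi`/`itob`) come from the commit message.

```python
from dataclasses import dataclass

# Hypothetical reimplementation of the arch-config idea; not sploit's own code.
@dataclass(frozen=True)
class Arch:
    name: str
    wordsize: int    # bytes per machine word
    endianness: str  # 'little' or 'big', as understood by int.to_bytes
    alignment: int   # stack alignment in bytes (values below are assumed)
    nopcode: bytes   # encoding of a one-byte no-op instruction

# Predefined architectures; the alignment values are assumptions for this example.
x86 = Arch('x86', 4, 'little', 4, b'\x90')
x86_64 = Arch('x86_64', 8, 'little', 16, b'\x90')

# Current configuration, x86_64 by default as the commit message says.
configured = x86_64


def set_arch(arch):
    """Switch the globally configured architecture (helper assumed here)."""
    global configured
    configured = arch


def itob(value, arch=None):
    """Int -> bytes, exactly one machine word wide.

    Negative values are wrapped to their two's-complement encoding so that
    an offset such as -8 packs correctly (assumed behaviour; the commit
    does not specify how negatives are handled).
    """
    arch = arch or configured
    mask = (1 << (8 * arch.wordsize)) - 1
    return (value & mask).to_bytes(arch.wordsize, arch.endianness)


def btoi(data, arch=None):
    """Bytes -> int.

    Accepts up to one word (a short read, e.g. a 6-byte leak, is fine) and
    rejects anything longer, which almost always means a mis-sliced read
    rather than a real value.
    """
    arch = arch or configured
    if len(data) > arch.wordsize:
        raise ValueError(
            f'{len(data)} bytes exceeds {arch.name} word size {arch.wordsize}')
    return int.from_bytes(data, arch.endianness)


def align_up(n, arch=None):
    """Round n up to the architecture's alignment boundary (helper assumed here)."""
    arch = arch or configured
    return (n + arch.alignment - 1) & ~(arch.alignment - 1)


def example():
    """Exercise the conversions on constructed values and return them."""
    return {
        'packed': itob(0x41424344),                  # little-endian, 8 bytes
        'leaked': btoi(b'\x78\x56\x34\x12\x00\x00'), # short 6-byte read
        'negative': itob(-8),                        # two's-complement wrap
        'x86': itob(0xdeadbeef, x86),                # explicit 4-byte arch
        'aligned': align_up(13),                     # next 16-byte boundary
    }
```

Keeping the architecture as a single configured object means every conversion in a script agrees on word size and byte order; passing `arch=` explicitly, as `example()` does for x86, is the escape hatch for the occasional cross-architecture value.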
2021-09-01  Add Convenience Utility to readuntil()  dusoleil  1  -1/+1

    readuntil() and readlineuntil() will now automatically bind() a predicate and given arguments to produce the single function predicate required.

    The 'until' module will provide convenience utilities for use with readuntil() and readlineuntil(). For now, it contains functools.partial renamed as bind(), lastline() which can call a predicate with the last element of the array of lines given from readlineuntil(), and simplified versions of re.search and re.fullmatch renamed as contains and equals.

    These allow us to write powerful and legible statements like:

    comm.readlineuntil(lastline,contains,b'Enter')

    Signed-off-by: dusoleil <howcansocksbereal@gmail.com>
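The predicate-binding scheme from the commit above, as an added example that is not the sploit project's own code. `Comm`, `BANNER`, `demo_session` and `eof_is_reported` are constructed for this illustration; the argument order (the data being tested is always the last positional argument, so `bind()` can attach a predicate's own arguments in front of it) is an assumption that makes the quoted `comm.readlineuntil(lastline, contains, b'Enter')` form work. It reads from an in-memory stream instead of a subprocess, and shows the failure mode a script should expect when the target closes its output before the predicate ever matches.

```python
import functools
import io
import re

# Hypothetical reimplementation of the 'until' helpers; not sploit's own code.
bind = functools.partial


def contains(pattern, data):
    """Simplified re.search: does pattern occur anywhere in data?"""
    return re.search(pattern, data) is not None


def equals(pattern, data):
    """Simplified re.fullmatch: does pattern match all of data?"""
    return re.fullmatch(pattern, data) is not None


def lastline(pred, *args):
    """Apply pred to the most recent line only.

    Convention assumed here: the data under test is the final positional
    argument, so bind(lastline, contains, b'Enter') yields a function that
    readlineuntil() can call with just the list of lines.
    """
    *pred_args, lines = args
    return bool(lines) and pred(*pred_args, lines[-1])


class Comm:
    """Minimal stand-in for a comm object, reading from an in-memory
    stream rather than a target subprocess or named fifo."""

    def __init__(self, stream):
        self.stream = stream

    def readline(self):
        line = self.stream.readline()
        if not line:
            raise EOFError('target closed output before the predicate matched')
        return line

    def readuntil(self, pred, *args):
        """Read byte-wise until pred(buffer) is true; returns the buffer."""
        pred = bind(pred, *args)
        buf = b''
        while not pred(buf):
            c = self.stream.read(1)
            if not c:
                raise EOFError('target closed output before the predicate matched')
            buf += c
        return buf

    def readlineuntil(self, pred, *args):
        """Read whole lines until pred(lines) is true; returns the list of lines."""
        pred = bind(pred, *args)
        lines = []
        while True:
            lines.append(self.readline())
            if pred(lines):
                return lines


# Constructed transcript standing in for a target program's output.
BANNER = b'Welcome to demo\nMenu:\n1) Play\n2) Quit\nEnter choice: '


def demo_session():
    """Drive the three predicate styles over BANNER and return what each consumed."""
    comm = Comm(io.BytesIO(BANNER))
    menu = comm.readlineuntil(lastline, contains, b'Menu')
    play = comm.readlineuntil(lastline, equals, rb'1\) Play\n')
    prompt = comm.readuntil(contains, b'choice: ')   # prompt has no newline
    return {'menu': menu, 'play': play, 'prompt': prompt}


def eof_is_reported():
    """A predicate that never matches must surface as EOFError, not a hang."""
    comm = Comm(io.BytesIO(b'no prompt here\n'))
    try:
        comm.readlineuntil(lastline, contains, b'Enter')
    except EOFError:
        return True
    return False
```

Because `bind` is just `functools.partial`, any plain function whose last parameter is the data can be dropped in as a predicate, and `lastline` composes with it without re-reading the whole transcript on every line.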
2021-08-30  Sploit Rework MVP Structure, Packaging, and Comms  dusoleil  1  -0/+1

    First part of the MVP for the larger Sploit rework effort. Add project structure, python packaging, basic comms, and "log" hook.

    From in or out of the sploit directory, you can run the "sploit.py" script, run python -m sploit, or import the sploit modules from the python3 shell. You can also pip install Sploit and from anywhere you can run the sploit command, run python -m sploit, or import the sploit modules from the python3 shell.

    Running as a standalone application, Sploit can run in a "target" mode, a "pipe" mode, and a "pipe daemon" mode. In "target" mode, Sploit will launch a target program as a subprocess and run an exploit script against its I/O. In "pipe" mode, Sploit will create named fifos and wait for a program to connect to them to run an exploit script against them. In "pipe daemon" mode, Sploit will run similar to the "pipe" mode, but automatically recreate the fifos with the same name after each execution.

    Basic comm operations of read, readline, write, and writeline are available to the exploit script.

    A "log" hook is executed whenever data is read in from the target program. This will just print the data out, but it can be configured to decode it with a specific encoding or you could replace the function for different behavior.

    Signed-off-by: dusoleil <howcansocksbereal@gmail.com>