Thread: Python tool that combines genbuf.pl and pattern_offset.rb

  1. #1
    Just burned his ISO
    Join Date
    Nov 2007
    Posts
    13

    Python tool that combines genbuf.pl and pattern_offset.rb

    Hello all.

    This is a little Python script I wrote not long ago while starting to learn Python. It's very straightforward. It combines the features of genbuf.pl and pattern_offset.rb into one all-Python package.

    If you do not know what those two scripts are for, they can be found with Metasploit, and are used to generate a unique pattern of characters that can be used during exploit development to locate where a given register is overwritten within that pattern.

    This little script combines the features of both. (Yes, I know there are others out there, but I couldn't find it in Python, so I wrote this.)

    Well, here it is... I'd love some comments, or suggestions to improve the script... Hell, you can just be brutal if you want.


    Code:
    #!/usr/bin/python
    #######################################################
    #
    # This program is free software; you can redistribute it and/or modify it under
    # the terms of the GNU General Public License version 2, 1991 as published by
    # the Free Software Foundation.
    # 
    # This program is distributed in the hope that it will be useful, but WITHOUT
    # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
    # FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
    # details.
    # 
    # A copy of the GNU General Public License can be found at:
    # http://www.gnu.org/licenses/gpl.html
    # or you can write to:
    # Free Software Foundation, Inc.
    # 59 Temple Place - Suite 330
    # Boston, MA 02111-1307
    # USA.
    #
    #######################################################
    
    #
    # buftool.py:  By Linuxchuck
    #
    # Inspired by genbuf.pl, which uses Pex::Text::PatternCreate and also by
    #   pattern_offset.rb found in the Metasploit Framework 3 tools directory.
    #   Credit goes to the authors of those files.
    #
    # This script combines the function of both scripts into one package using
    #   only Python.
    
    import sys
    
    def usage():
        print("Usage: %s <number> [string]" % sys.argv[0])
        print("   <number> is the size of the buffer to generate.")
        print("   [string] is the optional string to search for in the buffer.")
        print("")
        print("   If [string] is provided, the buffer will not be printed, only the location")
        print("     of where the string starts in the buffer.  This search is CASE SENSITIVE!")
        sys.exit(1)
    
    # The buffer size must be present and numeric; catch only the two errors
    # that signals instead of swallowing everything with a bare except.
    try:
        patend = int(sys.argv[1])
    except (IndexError, ValueError):
        usage()
    
    if len(sys.argv) > 3:
        usage()          # was "usage" without parentheses, which never ran
    
    if len(sys.argv) == 3:
        search = "TRUE"
        searchstr = sys.argv[2]
    else:
        search = "FALSE"
    
    # Every element of the pattern is three characters (Upper, lower, digit),
    # so generate enough triples to cover the requested size.  "//" keeps this
    # an integer division on both Python 2 and 3.
    stop = patend // 3 + 1
    first = 65      # 'A'
    second = 97     # 'a'
    third = 0
    item = ""
    
    for i in range(stop):
        # Wrap each position *before* emitting it, so the out-of-range values
        # 123 ('{') and 91 ('[') never end up in the buffer.
        if third == 10:
            third = 0
            second += 1
        if second == 123:       # past 'z'
            second = 97
            first += 1
        if first == 91:         # past 'Z'
            first = 65
        item += chr(first)
        item += chr(second)
        item += str(third)
        third += 1
    
    if search != "TRUE":
        sys.stdout.write(item[0:patend])
    else:
        location = item.find(searchstr)
        if location == -1:
            print(sys.argv[2] + " not found in buffer.")
            sys.exit(1)
        print(location)
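As an added example (my code, not the original poster's buftool.py), here is the same pair of features written with itertools, plus the one thing pattern_offset.rb does that the script above does not: accepting the register value as hex. When a register is overwritten by part of the pattern, a debugger shows it as a little-endian word, so a value such as 0x61413261 is unpacked to the bytes "a2Aa" before searching. The function names pattern_create and pattern_offset and the PATTERN_PERIOD constant are my own.

```python
import re
import struct
import sys
from itertools import product
from string import ascii_uppercase, ascii_lowercase, digits

# One full cycle of the pattern: 26 * 26 * 10 unique triples, 3 bytes each.
PATTERN_PERIOD = 26 * 26 * 10 * 3  # 20280 bytes before any triple repeats


def pattern_create(length):
    """Return the cyclic pattern Aa0Aa1...Aa9Ab0...Zz9 cut to `length` bytes.
    Beyond PATTERN_PERIOD the sequence simply repeats, so offsets found in a
    buffer longer than that are ambiguous."""
    cycle = "".join(u + l + d for u, l, d in
                    product(ascii_uppercase, ascii_lowercase, digits))
    repeats = length // PATTERN_PERIOD + 1
    return (cycle * repeats)[:length]


def pattern_offset(query, length=PATTERN_PERIOD):
    """Offset of `query` inside pattern_create(length), or -1 if absent.

    `query` is either a literal substring (e.g. "Ab0") or a hex word such as
    "0x61413261", the form a register holds after being overwritten with part
    of the pattern.  A hex word is unpacked little-endian (4 bytes, or 8 if it
    does not fit in 32 bits) before searching, so the offset returned is the
    position in the buffer that landed in that register.  A literal query can
    never be mistaken for the hex form: in the pattern a digit is always
    followed by an uppercase letter, never by 'x'.
    """
    pattern = pattern_create(length)
    if re.fullmatch(r"0x[0-9a-fA-F]{1,16}", query):
        value = int(query, 16)
        fmt = "<I" if value <= 0xFFFFFFFF else "<Q"
        needle = struct.pack(fmt, value).decode("latin-1")
    else:
        needle = query
    return pattern.find(needle)


if __name__ == "__main__":
    # Same command line as buftool.py: <length> alone prints the buffer,
    # <length> <string-or-0xHEX> prints the offset instead.
    if len(sys.argv) == 2:
        sys.stdout.write(pattern_create(int(sys.argv[1])))
    elif len(sys.argv) == 3:
        print(pattern_offset(sys.argv[2], int(sys.argv[1])))
    else:
        sys.exit("usage: %s <length> [string|0xHEX]" % sys.argv[0])
```

The pattern is only unique for the first 20280 bytes; past that the search returns the first match, which is why pattern_offset takes the buffer length you actually sent rather than always searching a full cycle.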

  2. #2
    Senior Member shamanvirtuel's Avatar
    Join Date
    Mar 2010
    Location
    Somewhere in the "Ex" human right country
    Posts
    2,988


    thx for contributing!

    will take a look when i get time ....
    Watch your back, your packetz will belong to me soon... xD

    BackTrack :
    Giving Machine Guns to Monkeys since 2006

  3. #3
    Just burned his ISO
    Join Date
    Dec 2007
    Posts
    1


    Hi,
    You don't need to use strings for True and False; use the boolean literals True and False instead.

    - Paddy

  4. #4
    Just burned his ISO
    Join Date
    Nov 2007
    Posts
    13


    Quote Originally Posted by paddy3118
    Hi,
    You don't need to use strings for True and False; use the boolean literals True and False instead.

    - Paddy
    Ahh, so if I did that, could I simplify

    Code:
    if search != "TRUE":
    to this:

    Code:
    if not search:
    ?

    Thanks for the suggestion. I'm still learning as I go, and am glad to take any pointers I get along the way.

  5. #5
    Junior Member
    Join Date
    Apr 2008
    Posts
    48


    In case you didn't get the answer yet linuxchuck, yes you can do that.
