LibExploit ---------- "Dont make exploits, make smart exploits!" - Introduction - Install - Using LibXploit - Examples & DOC - Status - Contact <<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>> - Introduction -------------- LibExploit is a library to help the security expert or the hacker (by not ;) to write exploits very fast and more easier. You have only to be concern with the technical details of the exploit itself. LibExploit give the aplication programer a nice API, rich in defines and functions for writing buffer overflows. Using LibExploit you will be able to do : * Forget about the network stuff, LibExploit takes care for you. * Use buffer overflows functions. * Able to choose between many shellcodes and platforms. * Encrypt shellcodes to evade NIDS. * Better exploits and easier. * Get the remote or local OS and put the correct shellcode. * Banner check to see if host can be exploited. * Multiplatform exploits. * And many things more.... As you can see, using LibExploit can make your work much easier when writing exploits. But not only you can use it to write exploits but also security tools, like a vulnerability scanner. LibExploit in conjuction with Libpcap/Libnet can be very powerfull. <<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>> - Install --------- Just do : # cd /src - You will find two files : Makefile.x86 Makefile.sparc - Copy Makefile.(platform) to "Makefile" on the platform you are running LibExploit. - After run "make" as normal. # make # make install !! Only tested on linux/x86. !! <<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>> - Using LibXploit 1) Include the main header. #include 2) Write your exploit using the API. 3) Compile. $ gcc exploit.c -o exploit -lexploit 4) Test ;) <<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>> - Examples & DOC ---------------- For nice examples of using LibExploit go to the example/ directory, where you can see how to use the functions of LibExploit, to write your own exploits :) Dont forget the doc/ directory where you can get the API documentation of LibExploit, with all the defines, global variables and functions at your disposal. Also read the ADMmutate API if you want to able to encrypt your shellcodes. <<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>> - Status -------- LibExploit is in development stage. This release is BETA and have only been tested on linux/x86. LibExploit should work fine on allmost any O.S. on x86. Sparc code is not working right now, fix it yourself or wait to next release :) Remote detection code has not been included because libsf 0.1 is not working on linux. But that will change ;) <<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>> - Contact --------- For any sugestion, fixes, flames or whatever, feel free to send mail. But be constructive!! Read the AUTHOR file :) Remember that LibExploit is still beta!! And contains bugs for sure!! <<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>> <<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>><<>>