No project description provided
Project description
DeathNot3
Installation
sudo apt-get update
sudo apt-get install python3 python3-pip
python3 -m pip install --upgrade dn3
Description
DeathNot3 is a one-for-all, all-for-one tool that aims to make solving CTF pwn challenges easier and faster.
deathnot3 was started as a wrapper for pwntools, but with the addition of the "l1ght" submodule, it has become a lightweight alternative to pwntools process/remote while providing additional functionality. deathnot3 aims to:
- allow strings and bytes interchageably
- be lightweight
- provide basic automation
- be an all around pwn helper for CTFs
Requirements
Supports: Python 3.6+
Library Dependency:
- pyelftools
- zstandard
- unix_ar
- requests
- wget
Usage
from dn3 import *
binary = ELF("./binary")
libc = ELF("./libc.so.6")
ctx.mode = str
ctx.libc = libc
# recv in string. Can also be set to bytes
io = process("./binary")
DeathNot3() # Initialize deathnot3
reu("yeet") # equivalent of io.recvuntil()
sl(b"leet") # equivalent of io.sendline()
sla("yeet",8) # equivalent of io.sendlineafter()
s("bruh") # equivalent of io.send()
# bytes, string and integers can be used interchageably to send
sl(p64(0xdeadbeef)) # equivalent of p64() but returns string
sla("oof", flat([
0xdeadbeef,"ABCD" # equivalent of flat() but returns string
])
libc = libcleak("puts") # Offset integer can be given instead of symbol
# Equivalent to
# libc = unpack(io.recv(6),48) - libc.symbols.puts
# log.info("Libc -> %s" % hex(libc)
interactive() # equivalent of io.interactive()
-
CLI
dn3 template <binary_path> -l <libc_path> -r <ip>:<port>- used to generate template exploit on the go, based on a template format
- edit config using
dn3 cfgand specify template format url or path (if path prefix withlocal:) - example template format
dn3 linker <binary_path> -l <libc_path>- Find appropriate dynamic linker for given libc and patch binary with it and provided libc using
patchelf
dn3 cfg <key(optional)>- Edit dn3's config
- config is located at
~/.dn3.conf
TODO
- Implement ELF similar to that of pwntools
- Add inline description comments for code
- Implement buffering for process, remote
- Add automation
- static vulnerability detection
- ret2win
- ret2shellcode
- ret2libc/ROP
- tcache poisoning
- Add documentation to wiki
- Add support for big endian
- Add support for arm based architectures
- aarch64
- arm
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file dn3-1.2.1.tar.gz.
File metadata
- Download URL: dn3-1.2.1.tar.gz
- Upload date:
- Size: 17.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.10.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
58453d96ab402113e11db67cf3c6bcd630860e8f5afa7893889f5c297e0cd792
|
|
| MD5 |
c898933e29619424ee34ec1500c7bb00
|
|
| BLAKE2b-256 |
3a5e957c0dd72757f6b4deb4f91a365aec82cd3c1e11fa15be84430f823a49a9
|
File details
Details for the file dn3-1.2.1-py3-none-any.whl.
File metadata
- Download URL: dn3-1.2.1-py3-none-any.whl
- Upload date:
- Size: 21.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.10.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
6a00a8c3a8ae41c60fcf985a5e7c08e56e9ca3e342d1bdd9bee30a4bd4207014
|
|
| MD5 |
437a5c0902f0707cbf0c6205c91938e3
|
|
| BLAKE2b-256 |
99c55196838eaf5694ccc5a0ac648c513376a02829c8b2b8943c8818a408b9b7
|
