Windows Stack Based Auto Buffer Overflow Exploiter

Overview

Autoflow - Windows Stack Based Auto Buffer Overflow Exploiter

Overflow

Autoflow is a tool that exploits windows stack based buffer overflow automatically.

By reducing human efforts, Autoflow works flawlessly and performs all the steps involved in a buffer overflow attack.

Autoflow works on Interative Command Line Inteface and simplies the whole attack process.

Its Highly Recommended that you should already know the process of manual buffer overflow attack.

Autoflow needs only these inputs to function :

  • IP Address of Target.
  • Port Number Where Vulnarable Application is Active.
  • Vulnarable Command
  • EIP Register Value (Only Asked During EIP Overwrite Phase)
  • Bad Characters
  • Your LHOST and LPORT whew you want to spawn the shell
  • JMP ESP Address

Meanwhile you will only have to provide inputs and the tool will perform all the tasks involved by itself.

The tool will ask you to perform small actions when needed.

Debugger is something that works on client side so the user needs to perform some tasks that are beyond the limits of this tool as of now.

Overall the idea behind building this tool is to perform the stack based buffer overflow attack in a small amount of time and without taking any hassle of manually performing everything.

Requirements

  • Kali Linux OS

  • msfvenom (Included with metasploit)

  • pattern_create.rb (Included with metasploit)

  • pattern_offset.rb (Included with metasploit)

  • netcat

  • python2.7 with socket, time, sys, subprocess, os modules.

  • Immunity Debbuger on client side

How To Install Autoflow ?

git clone https://github.com/etc5had0w/autoflow.git

cd autoflow/

chmod +rwx setup.sh

sudo ./setup.sh


How To Run Autoflow ?

run this command from your console from the autoflow folder :

./autoflow

Note : Make sure you execute Autoflow only from the Autoflow Folder.

Features

Autoflow performs these tasks automatically :

  • Fuzzing

  • Offset Matching

  • EIP Register Overwriting

  • Seding Intended Buffer for Bad Character Detection

  • Generating Payload For Reverse Shell

  • Sending Malicious Buffer to Spawn a Reverse Shell

How to use Autoflow :

Here is a small video tutorial for Autoflow :

AUTOFLOW DEMO

You might also like...
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

Pupy Installation Installation instructions are on the wiki, in addition to all other documentation. For maximum compatibility, it is recommended to u

聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or CVE from Github by CVE ID.

PocOrExp in Github 聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网 注意:只通过通用的CVE号聚合,因此对于MS17-010等Windows编号漏洞以及著名的有绰号的漏洞,还是自己检索一下比较好 Usage python3 exp.py -h usage: ex

 Crowbar - A windows post exploitation tool
Crowbar - A windows post exploitation tool

Crowbar - A windows post exploitation tool Status - ✔️ This project is now considered finished. Any updates from now on will most likely be new script

Format SSSD Raw Kerberos Payloads into CCACHE files for use on Windows systems
Format SSSD Raw Kerberos Payloads into CCACHE files for use on Windows systems

KCMTicketFormatter This tools takes the output from https://github.com/fireeye/SSSDKCMExtractor and turns it into properly formatted CCACHE files for

evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

Introduction evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files. It can process a high numbe

edgedressing leverages a Windows "feature" in order to force a target's Edge browser to open. This browser is then directed to a URL of choice.

edgedressing One day while experimenting with airpwn-ng, I noticed unexpected GET requests on the target node. The node in question happened to be a W

A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask.

PWInput A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask. Installatio

python写的一款免杀工具(shellcode加载器)BypassAV,国内杀软全过(windows denfend)
python写的一款免杀工具(shellcode加载器)BypassAV,国内杀软全过(windows denfend)

python写的一款免杀工具(shellcode加载器)BypassAV,国内杀软全过(windows denfend)

Steal Files on a Windows Machine
Steal Files on a Windows Machine

File-Stealer Steal Files on a Windows Machine About This Script will steal certain Files on a Windows Machine and sends them to a FTP Server. Preview

Comments
  • [-] Connection Failed with Host:

    [-] Connection Failed with Host:

    Once I input IP address/port number and name for the overflow, I can see "Pattern Generated Successfully". However, it is failing when trying to connect the target. Even if I could ping to the target and see the vulnerable app is listening on the assigned port.

    Is there any way to overcome that?

    I am targeting windows 7 VM through my Kali Linux VM.

    opened by Eldonald 1
Owner
Himanshu Shukla
Trying to learn new things every day!
Himanshu Shukla
Buffer Overflow para SLmail5.5 32 bits

SLmail5.5-Exploit-BoF Buffer Overflow para SLmail5.5 32 bits con un par de utilidades para que puedas hacer el tuyo REQUISITOS PARA QUE FUNCIONE: Desa

Luis Javier 15 Jul 30, 2022
Automated tool to exploit basic buffer overflow remotely and locally & x32 and x64

Automated tool to exploit basic buffer overflow (remotely or locally) & (x32 or x64)

null 5 Oct 9, 2022
Vulnerability Scanner & Auto Exploiter You can use this tool to check the security by finding the vulnerability in your website or you can use this tool to Get Shells

About create a target list or select one target, scans then exploits, done! Vulnnr is a Vulnerability Scanner & Auto Exploiter You can use this tool t

Nano 108 Dec 4, 2021
Cisco RV110w UPnP stack overflow

Cisco RV110W UPnP 0day 分析 前言 最近UPnP比较火,恰好手里有一台Cisco RV110W,在2021年8月份思科官方公布了一个Cisco RV系列关于UPnP的0day,但是具体的细节并没有公布出来。于是想要用手中的设备调试挖掘一下这个漏洞,漏洞的公告可以在官网看到。 准

badmonkey 25 Nov 9, 2022
Local File Inclusion Scanner and Exploiter

LFI-Paradise Local File Inclusion Scanner and Exploiter Features 1- Scanner 2- E

null 11 Sep 4, 2022
CVE-2021-40346 integer overflow enables http smuggling

CVE-2021-40346-POC CVE-2021-40346 integer overflow enables http smuggling Reference: https://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021

donky16 34 Nov 15, 2022
NS-Defacer: a auto html injecter, In other words It's a auto defacer to deface a lot of websites in less time

Overview NS-Defacer is a auto html injecter, In other words It's a auto defacer

NightSec 10 Nov 19, 2022
Windows Virus who destroy some impotants files on C:\windows\system32\

psychic-robot Windows Virus who destroy some importants files on C:\windows\system32\ Signatures of psychic-robot.PY (python file) : Bkav Pro : ASP.We

H-Tech-Dev36 1 Jan 6, 2022
HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907

CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability. create by antx at 2022-01-17. Detail HTTP

赛欧思网络安全研究实验室 365 Nov 30, 2022
Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules

About: Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows and Linux an

Ayoub 861 Feb 18, 2021