simple plugin to detect shellcode on Bro IDS with Unicorn
Use Git or checkout with SVN using the web URL.
Work fast with our official CLI. Learn more about the CLI.
Please sign in to use Codespaces.
If nothing happens, download GitHub Desktop and try again.
If nothing happens, download GitHub Desktop and try again.
If nothing happens, download Xcode and try again.
Your codespace will open once ready.
There was a problem preparing your codespace, please try again.
#BroIDS_Unicorn
simple plugin to detect shellcode on Bro IDS with Unicorn
install bro and addon broccoli-python:
https://www.bro.org https://github.com/bro/broccoli-python
install unicorm-engine:
https://github.com/unicorn-engine/unicorn
##Vuln server:
new terminal run bro:
bro -i eth0 bro/detector.bro
new terminal run unicorn:
python bro/checkshell.py
run vuln service:
cd vulnserver
./socat.sh vuln
##client
change ip -> vuln server
run exploit
python exploit_code/pwn.py
##Video demo
simple plugin to detect shellcode on Bro IDS with Unicorn