#!/usr/bin/env python3
import os
import sys
from argparse import ArgumentParser
from binascii import hexlify, unhexlify
# Character sets for the cyclic pattern.  get_pattern() takes one character
# from each set in turn, so every 4-character group reads
# <lower><digit><upper><lower>.
_LOWER = "abcdefghijklmnopqrstuvwxyz"
_DIGITS = "0123456789"
_UPPER = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
CHARS = [_LOWER, _DIGITS, _UPPER, _LOWER]
# Upper bound on characters generated / scanned before giving up.
PATTERN_LIMIT = 10_000_000
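def get_ascii_pattern(pattern):
    """Normalise a user-supplied pattern fragment to its ASCII text form.

    The fragment may be given as hex (``41613041`` or ``\\x41\\x61\\x30\\x41``;
    the ``\\x`` separators are stripped first) or as the literal characters.
    Hex is tried first.  If the text is not valid hex, or hex-decodes to bytes
    that are not ASCII (a literal ``Aa0a`` would decode to ``b'\\xaa\\x0a'``),
    the fragment is taken literally instead of failing.  Because a
    4-character fragment of the generated pattern contains exactly one digit
    and the remaining letters are >= 0xA as hex nibbles, such fragments never
    hex-decode to ASCII and are therefore always taken literally.

    Args:
        pattern: hex digits or literal ASCII characters, optionally ``\\x``-separated.

    Returns:
        The fragment as an ASCII ``str``.

    Raises:
        UnicodeEncodeError: if a literal fragment contains non-ASCII characters.
    """
    cleaned = pattern.replace("\\x", "")
    try:
        # binascii.Error (odd length / non-hex digit) and UnicodeDecodeError
        # (decoded byte >= 0x80) are both ValueError subclasses, so a single
        # narrow clause replaces the original bare ``except:``.
        return unhexlify(cleaned).decode("ascii")
    except ValueError:
        # Round-trip through ASCII so a non-ASCII literal still fails loudly.
        return cleaned.encode("ascii").decode("ascii")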
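def _pattern_chars():
    """Yield the characters of the cyclic pattern, forever.

    Each group of ``len(CHARS)`` characters takes one character from each set
    in ``CHARS``; after a full group the per-set indices advance like an
    odometer with the last set fastest.  Set 0 is excluded from the odometer
    (``range(len(CHARS) - 1, 0, -1)``), exactly as in the original loop, so
    its character never changes and the stream repeats once sets 1..n-1 have
    cycled (10 * 26 * 26 groups with the current CHARS).  Whether that
    exclusion was intended is unclear; it is kept so offsets stay compatible
    with previously generated patterns.
    """
    idx = [0] * len(CHARS)
    while True:
        for k, charset in enumerate(CHARS):
            yield charset[idx[k]]
        for j in range(len(CHARS) - 1, 0, -1):
            idx[j] += 1
            if idx[j] < len(CHARS[j]):
                break
            idx[j] = 0


def get_pattern(**kwargs):
    """Create a cyclic pattern or locate a fragment of one.

    Keyword Args:
        length: number of characters to generate.
        offset: fragment to search for in the generated stream.  When both
            keywords are given, each generated character first checks
            ``length`` and then ``offset``, as the original loop did.

    Returns:
        With ``length``: the first ``length`` characters of the pattern.
        With ``offset``: ``"Pattern found at offset N"`` where N is the
        0-based index of the fragment's first character.  ``None`` when
        neither keyword is given, when ``length`` is not positive and no
        offset was requested, when ``length`` exceeds ``PATTERN_LIMIT``, or
        when ``offset`` does not occur in the first ``PATTERN_LIMIT``
        characters.
    """
    if 'length' not in kwargs and 'offset' not in kwargs:
        return None
    length = kwargs.get('length')
    offset = kwargs.get('offset')
    if not length and not offset:
        # The original loop scanned PATTERN_LIMIT characters before returning
        # None for a falsy length; the result is identical, so skip the work.
        return None
    generated = []
    tail = ""
    for count, ch in enumerate(_pattern_chars(), start=1):
        if length:
            generated.append(ch)
            if count == length:
                return "".join(generated)
        if offset:
            # Track only the last len(offset) characters instead of
            # re-slicing an ever-growing string on every iteration.
            tail = (tail + ch)[-len(offset):]
            if tail == offset:
                return f"Pattern found at offset {count - len(offset)}"
        if count >= PATTERN_LIMIT:
            return None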
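def get_args(argv=None):
    """Parse the command line.

    Args:
        argv: argument list to parse; ``None`` means ``sys.argv[1:]``
            (argparse's default), so the original ``get_args()`` call is
            unchanged.

    Returns:
        Namespace with exactly one of ``create`` (int) or ``offset`` (str)
        set; argparse exits with a usage message when neither or both are
        given.
    """
    parser = ArgumentParser(description="Create a pattern to facilitate exploit dev")
    mode = parser.add_mutually_exclusive_group(required=True)
    mode.add_argument("-c", "--create", help="Create a new pattern", type=int)
    mode.add_argument("-o", "--offset", help="Get the offset of a pattern", type=str)
    return parser.parse_args(argv)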
def inverse_endianness(pattern):
    """Return *pattern* with its characters in reverse order.

    main() uses this to retry an offset lookup with the fragment reversed,
    which is how a little-endian register value reads relative to the
    pattern laid out in memory.
    """
    return "".join(reversed(pattern))
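def main():
    """Command-line entry point.

    ``-c N`` prints the first N pattern characters; ``-o FRAG`` prints the
    offset of FRAG, tried as given and then reversed (little-endian register
    value).  A trailing newline is added only when stdout is a terminal, so
    piped output is the bare pattern.

    Returns:
        0 on success, 1 on failure.  The original returned None (exit status
        0) when the fragment was not found and crashed with an unbound ``ret``
        for ``-c 0`` or ``-o ""``; both are now reported as errors on stderr.
    """
    args = get_args()
    if args.create is not None:
        if args.create <= 0 or args.create > PATTERN_LIMIT:
            # get_pattern() returns None for both cases; fail clearly instead
            # of printing "None".
            print(f"Length must be between 1 and {PATTERN_LIMIT}", file=sys.stderr)
            return 1
        ret = get_pattern(length=args.create)
    else:
        pat = get_ascii_pattern(args.offset)
        if not pat:
            print("Pattern must not be empty", file=sys.stderr)
            return 1
        ret = get_pattern(offset=pat)
        if not ret:
            # Retry with the byte order flipped; `pat` itself is left as the
            # user gave it so the error message below shows the original.
            ret = get_pattern(offset=inverse_endianness(pat))
        if not ret:
            print(f"Pattern {pat} not found in the first {PATTERN_LIMIT} characters...", file=sys.stderr)
            return 1
    # Newline only for a human at a terminal; this replaces the fstat(0) ==
    # fstat(1) heuristic, which misfired when only stdin was redirected.
    print(ret, end="\n" if sys.stdout.isatty() else "")
    return 0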
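# sys.exit() is the documented way to exit a program; the bare exit() builtin
# is a site-module convenience meant for the interactive shell.
if __name__ == '__main__':
    sys.exit(main())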