
Exploits

Finding and working with exploits

  • choose the exploit carefully
  • manual review
  • read about it on google
  • add debug statements
  • payload
    • arch
    • rev / bind (try both!)
    • staged / unstaged payload
    • size?
    • AV?
    • Firewall restrictions?
  • python version
    • py2 or 3?
    • pyenv global system or 2.7
    • 2to3
    • virtualenv
  • Compilation
    • on target if possible
    • ...todo...