Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries

Last update: Nov 16, 2021

Related tags

Overview

bcheck

Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries. Using xrefs to commonly injected and format string'd files, it will scan binaries faster than Firmware Slap.

Install

sudo apt install rabbitmq
pip install -e .

Usage

bcheck.py -h
usage: bcheck.py [-h] [-p] [-s] file

positional arguments:
  file          Binary file to check

optional arguments:
  -h, --help    show this help message and exit
  -p, --printf  Enable printf checking
  -s, --system  Enable command injection checking

Example

b'/bin/mtd_write -o 0 -l 0 write AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x01 Bootloader' ">

$ bcheck.py -s examples/upload.cgi
[~] Checking for command injections
100% |############################################################| Elapsed Time: 0:00:01 Time:  0:00:01
Found 5 test sites in binary
[-] Scanned functions:
[-] : 0x401a28 : getLanIP
[+] : 0x4012b8 : mtd_write_firmware
0x7ffefdf8	->	b'/bin/mtd_write -o 0 -l 0 write AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x01 Kernel'
[-] : 0x4009f0 : main
[+] : 0x4010d0 : write_flash_kernel_version
0x7ffefdf8	->	b'nvram_set 2860 old_firmware "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x00"'
[+] : 0x401338 : mtd_write_bootloader
0x7ffefdf8	->	b'/bin/mtd_write -o 0 -l 0 write AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x01 Bootloader'

Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries

Related tags

Overview

bcheck

Install

Usage

Example

Owner

Christopher Roberts

Fat-Stealer is a stealer that allows you to grab the Discord token from a user and open a backdoor in his machine.

This is a Python program that implements a vacuum cleaner as an Artificial Intelligence.

HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907

SSH Tool For OSINT and then Cracking.

Strapi Framework Vulnerable to Remote Code Execution

OpenSource Poc && Vulnerable-Target Storage Box.

An forensics tool to help aid in the investigation of spoofed emails based off the email headers.

Android Malware (Analysis | Scoring) System

Sample exploits for Zephyr CVE-2021-3625

A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

Get important strings inside [Info.plist] & and Binary file also all output of result it will be saved in [app_binary].json , [app_plist_file].json file

Click-Jack - Automatic tool to find Clickjacking Vulnerability in various Web applications

A brute Force tool for Facebook

Wordlist attacks on Bitwarden data.json files

🎻 Modularized exploit generation framework

Time Discretization-Invariant Safe Action Repetition for Policy Gradient Methods

A BurpSuite extension to parse 5GC NF OpenAPI 3.0 files to assess 5G core networks

A proxy for asyncio.AbstractEventLoop for testing purposes

CVE-2021-26855 SSRF Exchange Server

Guess the password for Tik Tok accounts