ok so i have vulnserver.exe running on my win7 box waiting for input on port 9999. It takes in certain commands with parameters one of which is TRUN and is designed to trigger a buffer overflow if the TRUN parameters are the right length:
this is the python im running on kali linux to try to connect to vulnserver and see if can cause a crash:
import socket
numAs = 10
try:
while True:
# open a connection to vulnserver
s = socket.socket (socket.AF_INET, socket.SOCK_STREAM)
s.connect (("194.168.1.154", 9999))
# receive the banner for vulnserver
s.recv (1024)
print "[*] Sending " + str(numAs) + " As"
# send the number of As to fuzz the HTER command
s.send ("HTER " + "A" * numAs + " \r\n")
# receive the response from vulnserver
s.recv (1024)
# close the connection
s.close ()
# increase the number of As we send next time
numAs += 10
except:
# if we get to here then something happened to vulnserver because the
connection is closed
print "Socket closed after sending " + str(numAs - 10) + " As"
however here is the command line output im getting
./hterfuzz.py: line 2: numAs: command not found
./hterfuzz.py: line 3: try:: command not found
./hterfuzz.py: line 6: syntax error near unexpected token `('
./hterfuzz.py: line 6: `s = socket.socket (socket.AF_INET,socket.SOCK_STREAM)'
Im very new to python and dont understand some basic errors so any help would be greatly appreciated. Thanks so much !
also the vulnserver.exe program is available here : http://sites.google.com/site/lupingreycorner/vulnserver.zip
and the tutorial on fuzzing using vulnserver is here: https://samsclass.info/127/proj/vuln-server.htm
if there is any other info I can provide just ask, Im simply trying to fix the errors in the py script so I can play around with it to try and find out whats needed to cause the overflow and eventually modify it to create a useful input string to execute processes on the win7 box by sending the string to vulnserver.
Thanks for any help people :)
Quite a simple one this - your script is being interpreted by bash, not python.
Just add this as the first line of your code: #!/usr/bin/python