## https://sploitus.com/exploit?id=3425602D-393A-5D45-9F1A-25CE9B343627
# ๐ก๏ธ Hybrid AI Vulnerability Analyzer & PoC/Exploit Generator
An automated, end-to-end vulnerability research pipeline that combines **Traditional Static Analysis** with **Large Language Models (LLMs)** to autonomously detect, analyze, and verify **Low-Level Memory Corruptions** (Buffer Overflow, Format String) in C/C++ source code.
Unlike traditional static scanners that only report *potential* flaws, this tool generates raw **PoC (Proof of Concept)** payloads and verifies them in a **local execution sandbox** to achieve **Zero False Positives**.
---
# Key Features
- **Smart Code Slicing (Heuristic AST)**
Automatically isolates vulnerable functions to prevent LLM context window exhaustion ("Lost in the Middle" syndrome).
- **LLM-Powered Root Cause Analysis**
Utilizes **Qwen2.5-Coder (7B)** to semantically understand memory flaws and formulate exploit strategies.
- **Automated Exploit Generation**
Forces the LLM to output pure, raw-byte Python payloads (overcoming OS padding and alignment mitigations).
- **Exploitability Verification Sandbox**
Automatically compiles the target C/C++ code, injects the generated payload via stdin, and monitors for **SIGSEGV (Memory Violation)** to definitively confirm **Remote Code Execution (RCE)** capabilities.
---
# Architecture Workflow
```
+----------------------+
| C/C++ Source Code |
+----------+-----------+
|
v
+----------------------+
| 1. Static Pre-Scan |
| Detect dangerous |
| sinks (strcpy, printf|
+----------+-----------+
|
v
+----------------------+
| 2. Smart Code Slice |
| Extract vulnerable |
| function context |
+----------+-----------+
|
v
+----------------------+
| 3. LLM Reasoning |
| Root cause analysis |
+----------+-----------+
|
v
+----------------------+
| 4. PoC Generation |
| Python exploit code |
+----------+-----------+
|
v
+----------------------+
| 5. Sandbox Verify |
| Compile and execute |
+----------+-----------+
|
v
+----------------------+
| Exploit Confirmed |
| (SIGSEGV crash) |
+----------------------+
```
# Repository Structure
```
Hybrid-Vulnerability-Analyzer/
โโโ analyzer/
โ โโโ hybrid_analyzer.py # Core analysis engine & Sandbox
โโโ examples/
โ โโโ buffer_overflow/
โ โ โโโ bof.c # Test case: Stack Buffer Overflow
โ โ โโโ bofv2.c # Test case: Advanced BOF
โ โโโ format_string/
โ โโโ fmt.c # Test case: Format String Vulnerability
โโโ setup/
โ โโโ SetUpEnv.ipynb # Google Colab Backend (FastAPI + Cloudflare Tunnel)
โโโ README.md
โโโ requirements.txt
```
---
# Quick Start
## Setup Backend (LLM Server)
Upload `setup/SetUpEnv.ipynb` to **Google Colab**.
1. Select **T4 GPU runtime**
2. Click **Run All**
3. Wait for the model to load via **4-bit quantization**
4. Copy the generated Cloudflare URL
Example:
```
https://xxxxx.trycloudflare.com
```
---
## Setup Frontend & Local LLM
### 1. Install Python Dependencies
Install the required Python packages:
```bash
pip install -r requirements.txt
```
---
### 2. Install Local LLM (Ollama)
If you prefer running the AI locally without relying on cloud infrastructure, you can run the LLM using **Ollama**.
First, download and install Ollama from the official website:
https://ollama.com/download
After installation, pull and run the **Qwen2.5-Coder (7B)** model:
```bash
ollama run qwen2.5-coder:7b
```
The first run will automatically download the model.
Once running, Ollama exposes a local API endpoint at:
```
http://127.0.0.1:11434
```
Keep the Ollama process running in the background while using the analyzer.
---
## Run the Analyzer
### Option A โ Remote Mode (Google Colab + Cloudflare)
```bash
python analyzer/hybrid_analyzer.py --mode remote --url https://xxxxx.trycloudflare.com --file examples/buffer_overflow/bof.c
```
---
### Option B โ Local Mode (Ollama)
If Ollama is running locally, the analyzer will automatically connect to the local API.
```bash
python analyzer/hybrid_analyzer.py --mode local --file examples/buffer_overflow/bof.c
```
---
# Example Output
```
[*] Reading source file
[*] Slicing code around line 107...
========== Vulnerability Report ==========
Vulnerability: Stack Buffer Overflow
Function: vulnerable_function
Exploitability Score: HIGH
==========================================
[+] Running Exploitability Verification Sandbox
[*] Compiling target source code...
[+] Compilation successful
[*] Generating payload using PoC script
[*] Executing target binary with payload
[!] EXPLOIT CONFIRMED: Target crashed (Memory violation detected)
```
---
# Future Roadmap
- [ ] Integrate **pwntools** for advanced exploit generation
- [ ] Support **heap vulnerabilities** (UAF, Double Free)
- [ ] Analyze mitigation bypass (**ASLR / NX / Canary**)
---
# โ ๏ธ Disclaimer
This project is developed for **Educational and Security Research purposes only**.
Do **NOT** use this tool on systems you do not own or have explicit permission to test.