Source: https://sploitus.com/exploit?id=3ADA419E-2254-58CC-BEA2-27D5E62EBD37
# AutoExploit - Automated Exploit Development Framework

## Overview
A modular framework that automates binary exploitation by analyzing ELF binaries, detecting security mitigations, finding ROP gadgets, and generating exploit scripts.

## Quick Start
```bash
cd /home/rootuser/xploit

# Full analysis
python3 xploit.py analyze /bin/ls

# Check security only
python3 xploit.py checksec /bin/ls

# Find ROP gadgets
python3 xploit.py gadgets /bin/ls --depth 10

# Auto-generate exploit
python3 xploit.py exploit ./vuln_binary --libc /lib/x86_64-linux-gnu/libc.so.6 -o exploit.py
```

## Commands
| Command     | Description                          |
|-------------|--------------------------------------|
| `info`      | Binary architecture/sections info    |
| `checksec`  | Security mitigation analysis         |
| `symbols`   | Extract symbols, strings, PLT/GOT    |
| `gadgets`   | Find and categorize ROP gadgets      |
| `analyze`   | Full analysis (all of the above)     |
| `exploit`   | Auto-generate exploit script         |

## Architecture
```
xploit/
├── xploit.py          # CLI entrypoint
├── core/
│   ├── binary_parser.py    # ELF parsing (pwntools)
│   ├── security_check.py   # checksec implementation
│   ├── gadget_finder.py    # ROP gadget discovery (ROPgadget)
│   └── symbol_db.py        # Symbols, strings, PLT/GOT
├── analysis/
│   ├── crash_triage.py     # Offset calculation via cyclic patterns
│   ├── leak_engine.py      # Leaked address extraction & classification
│   └── libc_db.py          # Libc version identification
├── payload/
│   ├── rop_builder.py      # ret2libc, execve, open/read/write chains
│   ├── shellcode_gen.py    # Shellcode generation (pwntools shellcraft)
│   └── bypass.py           # Strategy selection based on mitigations
├── exploits/               # Auto-generated exploit scripts
└── README.md
```

## Strategy Selection
| NX | PIE | Canary | RELRO | Strategy |
|----|-----|--------|-------|----------|
| Off| -   | -      | -     | Shellcode on stack |
| On | Off | Off    | Partial | ret2libc (fixed addr) |
| On | On  | Off    | Partial | Leak + ret2libc |
| On | On  | On     | Full  | Leak canary + ret2libc |
| On | On  | Off    | Full  | Overwrite __free_hook |

## Dependencies
- Python 3.8+
- pwntools: `pip3 install pwntools`
- ROPgadget: `pip3 install ROPgadget` (optional, fallback available)
- readelf / objdump (binutils)

## Example
```bash
$ python3 xploit.py checksec /bin/ls

==================================================
  Security: ls
==================================================
  NX         : True         NX enabled
  PIE        : True         PIE (ET_DYN)
  RELRO      : Full         Full RELRO
  CANARY     : True         Canary present
  ASLR       : 2
==================================================
```
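The report above is produced by the framework's pwntools-based `security_check.py`. As an added, stand-alone example that is not part of the project, the pure-Python reimplementation below shows which ELF structures each line of that report is actually derived from (PT_GNU_STACK flags for NX, `e_type == ET_DYN` for PIE, PT_GNU_RELRO plus the dynamic section's BIND_NOW flags for RELRO), so a build can be audited for missing mitigations without installing pwntools. `build_elf` constructs a synthetic, non-executable ELF image purely so the checker can be exercised offline (a constructed input, not a real binary); `audit` is a hypothetical helper name; the canary check uses the same `__stack_chk_fail` string heuristic as checksec.sh rather than a full symbol-table parse.

```python
import struct
from dataclasses import dataclass

# ELF64 constants, as defined in elf.h
ELF_MAGIC = b"\x7fELF"
ELFCLASS64, ELFDATA2LSB = 2, 1
ET_EXEC, ET_DYN = 2, 3
PT_LOAD, PT_DYNAMIC = 1, 2
PT_GNU_STACK, PT_GNU_RELRO = 0x6474E551, 0x6474E552
PF_X, PF_W, PF_R = 1, 2, 4
DT_NULL, DT_BIND_NOW, DT_FLAGS, DT_FLAGS_1 = 0, 24, 30, 0x6FFFFFFB
DF_BIND_NOW, DF_1_NOW = 0x8, 0x1

EHDR = struct.Struct("<16sHHIQQQIHHHHHH")  # Elf64_Ehdr (64 bytes), little-endian
PHDR = struct.Struct("<IIQQQQQQ")           # Elf64_Phdr (56 bytes)
DYN = struct.Struct("<qQ")                  # Elf64_Dyn  (16 bytes)


@dataclass
class Mitigations:
    nx: bool
    pie: bool
    relro: str     # "No", "Partial" or "Full"
    canary: bool

    def missing(self):
        # Mitigations a hardening audit would flag as absent or incomplete
        flags = [("NX", self.nx), ("PIE", self.pie),
                 ("RELRO", self.relro == "Full"), ("CANARY", self.canary)]
        return [name for name, present in flags if not present]


def checksec(data: bytes) -> Mitigations:
    """Derive NX, PIE, RELRO and canary status from an ELF64 image held in memory."""
    ident, e_type, _, _, _, e_phoff, _, _, _, e_phentsize, e_phnum, *_ = EHDR.unpack_from(data, 0)
    if ident[:4] != ELF_MAGIC or ident[4] != ELFCLASS64 or ident[5] != ELFDATA2LSB:
        raise ValueError("not a little-endian ELF64 image")
    phdrs = [PHDR.unpack_from(data, e_phoff + i * e_phentsize) for i in range(e_phnum)]
    # NX: PT_GNU_STACK carries the stack permissions; no segment at all means an
    # executable stack on x86, so it is reported as NX off, as checksec does.
    nx = False
    for p_type, p_flags, *_ in phdrs:
        if p_type == PT_GNU_STACK:
            nx = not (p_flags & PF_X)
    # PIE: position-independent executables are linked as ET_DYN (so are shared objects)
    pie = e_type == ET_DYN
    # RELRO: PT_GNU_RELRO lets ld.so remap the GOT read-only after relocation (Partial);
    # BIND_NOW resolves every symbol at load time, so the whole GOT is covered (Full).
    relro = "No"
    if any(p[0] == PT_GNU_RELRO for p in phdrs):
        relro = "Partial"
        for p_type, _, p_offset, _, _, p_filesz, *_ in phdrs:
            if p_type != PT_DYNAMIC:
                continue
            off = p_offset
            while off + DYN.size <= p_offset + p_filesz:
                d_tag, d_val = DYN.unpack_from(data, off)
                off += DYN.size
                if d_tag == DT_NULL:
                    break
                if (d_tag == DT_BIND_NOW or (d_tag == DT_FLAGS and d_val & DF_BIND_NOW)
                        or (d_tag == DT_FLAGS_1 and d_val & DF_1_NOW)):
                    relro = "Full"
    # Canary: same heuristic as checksec.sh, the binary references __stack_chk_fail
    canary = b"__stack_chk_fail\0" in data
    return Mitigations(nx, pie, relro, canary)


def build_elf(*, pie: bool, nx: bool, relro: str, canary: bool) -> bytes:
    """Constructed, non-runnable ELF64 image carrying only the headers checksec() reads."""
    dyn = (DYN.pack(DT_FLAGS, DF_BIND_NOW) if relro == "Full" else b"") + DYN.pack(DT_NULL, 0)
    strtab = b"\0__stack_chk_fail\0" if canary else b"\0puts\0"
    types = [PT_LOAD, PT_DYNAMIC, PT_GNU_STACK] + ([PT_GNU_RELRO] if relro != "No" else [])
    dyn_off = EHDR.size + PHDR.size * len(types)
    total = dyn_off + len(dyn) + len(strtab)
    phdrs = b""
    for t in types:
        if t == PT_LOAD:
            phdrs += PHDR.pack(t, PF_R | PF_X, 0, 0, 0, total, total, 0x1000)
        elif t == PT_DYNAMIC:
            phdrs += PHDR.pack(t, PF_R | PF_W, dyn_off, dyn_off, dyn_off, len(dyn), len(dyn), 8)
        elif t == PT_GNU_STACK:
            phdrs += PHDR.pack(t, PF_R | PF_W | (0 if nx else PF_X), 0, 0, 0, 0, 0, 16)
        else:  # PT_GNU_RELRO covering the dynamic section
            phdrs += PHDR.pack(t, PF_R, dyn_off, dyn_off, dyn_off, len(dyn), len(dyn), 1)
    ident = ELF_MAGIC + bytes([ELFCLASS64, ELFDATA2LSB, 1, 0]) + b"\0" * 8
    ehdr = EHDR.pack(ident, ET_DYN if pie else ET_EXEC, 62, 1, 0, EHDR.size, 0, 0,
                     EHDR.size, PHDR.size, len(types), 0, 0, 0)
    return ehdr + phdrs + dyn + strtab


def audit(path: str) -> Mitigations:
    """Hypothetical helper: check a binary on disk, e.g. audit("/bin/ls").missing()."""
    with open(path, "rb") as f:
        return checksec(f.read())
```

`audit("/bin/ls")` on the same host as the report above should give NX, PIE, Full RELRO and canary all present and `missing()` empty. The `ASLR : 2` line in the original output is not a property of the binary at all: it echoes the host's `/proc/sys/kernel/randomize_va_space` (2 = full randomization), which is why it has no counterpart in this check and why a PIE binary only benefits from PIE on a host where that setting is non-zero.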

## License
MIT