BambiXploit is ENOFLAG's public exploit parallelization tool. It will run a given exploit script for every opponent team with staggered starts, gather all flags the exploit writes to stdout, and automatically submit them. The target's address is passed as a command line parameter.
TL;DR: `bambixploit pwn python3 exploit.py`
```
> bambixploit --help
Bambixploit

Usage:
  Bambixploit [options] [command]

Options:
  --version         Show version information
  -?, -h, --help    Show help and usage information

Commands:
  template <Http>                       template command description
  pwn <exploit_command> <exploit_args>  start running the exploit
```

```
> bambixploit pwn --help
pwn
  start running the exploit

Usage:
  Bambixploit [options] pwn <exploit_command> [<exploit_args>...]

Arguments:
  <exploit_command>  the exploit command to run
  <exploit_args>     arguments for the exploit

Options:
  -?, -h, --help    Show help and usage information
```
To make developing exploits less time-intensive, BambiXploit can emit exploit templates. As of now, only an HTTP template exists.
`bambixploit template http` prints the HTTP template.
- Download the latest release for your arch
- Rename the file to `bambixploit`
- ???
- PROFIT!
BambiXploit searches for a configuration in the following directories:
- The current working directory
- The current user's home directory
- `/etc/bambixploit/bambixploit.json`
A sample configuration can be found here.