diff --git a/.cargo/config.toml b/.cargo/config.toml deleted file mode 100644 index de32df9..0000000 --- a/.cargo/config.toml +++ /dev/null @@ -1,5 +0,0 @@ -[target.aarch64-apple-darwin] -rustflags = [ - "-C", "link-arg=-undefined", - "-C", "link-arg=dynamic_lookup", -] \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index cc4e6af..2a81fe5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -3,6 +3,7 @@ on: push: tags: - "v*.*.*" + workflow_dispatch: # This adds the manual trigger option jobs: build: strategy: 
@@ -20,29 +21,59 @@ jobs: target: aarch64-apple-darwin extension: "" archive: tar.gz + - os: ubuntu-latest + target: x86_64-pc-windows-gnu + extension: .exe + archive: tar.gz + runs-on: ${{ matrix.os }} steps: - name: Checkout code uses: actions/checkout@v3 + - name: Install Rust toolchain uses: dtolnay/rust-toolchain@stable with: targets: ${{ matrix.target }} - - name: Build for Linux/macOS - if: "!endsWith(matrix.target, 'windows-msvc')" + + - name: Install MinGW for Windows cross-compilation + if: matrix.target == 'x86_64-pc-windows-gnu' + run: | + sudo apt-get update + sudo apt-get install -y mingw-w64 + + - name: Download NPCAP SDK + if: contains(matrix.target, 'windows') + run: | + wget https://npcap.com/dist/npcap-sdk-1.13.zip -O /tmp/sdk.zip + unzip /tmp/sdk.zip -d /tmp/sdk + mkdir -p /tmp/sdk/lib/x64 + mkdir -p /tmp/sdk86/lib + mkdir -p /tmp/sdkarm/lib + cp /tmp/sdk/Lib/x64/*lib /tmp/sdk/lib/x64 + cp /tmp/sdk/Lib/x64/*lib /tmp/sdk/lib + cp /tmp/sdk/Lib/*lib /tmp/sdk86/lib + cp -r /tmp/sdk/Include /tmp/sdk86 + cp /tmp/sdk/Lib/ARM64/*lib /tmp/sdkarm/lib + cp -r /tmp/sdk/Include /tmp/sdkarm + + - name: Build for Linux/macOS/Windows run: | cargo build --release --target ${{ matrix.target }} mkdir -p release/yapppwn-${{ matrix.target }} - cp target/${{ matrix.target }}/release/yapppwn${{ matrix.extension }} release/yapppwn-${{ matrix.target }}/yapppwn - chmod +x release/yapppwn-${{ matrix.target }}/yapppwn + cp target/${{ matrix.target }}/release/yapppwn${{ matrix.extension }} release/yapppwn-${{ matrix.target }}/yapppwn${{ matrix.extension }} + + - name: Package artifact + run: | cd release - tar -czf yapppwn-${{ matrix.target }}.${{ matrix.archive }} yapppwn-${{ matrix.target }}/yapppwn - + tar -czf yapppwn-${{ matrix.target }}.${{ matrix.archive }} yapppwn-${{ matrix.target }}/yapppwn${{ matrix.extension }} + - name: Upload build artifact uses: actions/upload-artifact@v3 with: name: yapppwn-${{ matrix.target }}.${{ matrix.archive }} path: release/yapppwn-${{ 
matrix.target }}.${{ matrix.archive }} + create_release: needs: build runs-on: ubuntu-latest diff --git a/Cargo.lock b/Cargo.lock index 4d0d5aa..7bba214 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -13,9 +13,9 @@ dependencies = [ [[package]] name = "anstream" -version = "0.6.14" +version = "0.6.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "418c75fa768af9c03be99d17643f93f79bbba589895012a80e3452a19ddda15b" +checksum = "23a1e53f0f5d86382dafe1cf314783b2044280f406e7e1506368220ad11b1338" dependencies = [ "anstyle", "anstyle-parse", @@ -28,36 +28,36 @@ dependencies = [ [[package]] name = "anstyle" -version = "1.0.7" +version = "1.0.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "038dfcf04a5feb68e9c60b21c9625a54c2c0616e79b72b0fd87075a056ae1d1b" +checksum = "55cc3b69f167a1ef2e161439aa98aed94e6028e5f9a59be9a6ffb47aef1651f9" [[package]] name = "anstyle-parse" -version = "0.2.4" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c03a11a9034d92058ceb6ee011ce58af4a9bf61491aa7e1e59ecd24bd40d22d4" +checksum = "3b2d16507662817a6a20a9ea92df6652ee4f94f914589377d69f3b21bc5798a9" dependencies = [ "utf8parse", ] [[package]] name = "anstyle-query" -version = "1.1.0" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ad186efb764318d35165f1758e7dcef3b10628e26d41a44bc5550652e6804391" +checksum = "79947af37f4177cfead1110013d678905c37501914fba0efea834c3fe9a8d60c" dependencies = [ - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] name = "anstyle-wincon" -version = "3.0.3" +version = "3.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "61a38449feb7068f52bb06c12759005cf459ee52bb4adc1d5a7c4322d716fb19" +checksum = "2109dbce0e72be3ec00bed26e6a7479ca384ad226efdd66db8fa2e3a38c83125" dependencies = [ "anstyle", - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] 
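Review bot: In the `Download NPCAP SDK` step of .github/workflows/release.yml, the SDK archive is fetched with `wget` and unpacked without any integrity check, and its `.lib` files are then linked into the Windows binary that gets published. Pin the expected digest and verify it before `unzip`, for example `echo "<EXPECTED_SHA256>  /tmp/sdk.zip" | sha256sum -c -`, where the digest is a placeholder to be taken from a trusted copy of the archive. The hunk also drops the `if: "!endsWith(matrix.target, 'windows-msvc')"` guard from the build step. If the matrix above the hunk still has msvc entries on Windows runners, the `mkdir -p`/`cp`/`tar` commands and the `/tmp` paths now run there too, which is worth confirming.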
@@ -74,9 +74,12 @@ checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" [[package]] name = "cc" -version = "1.0.99" +version = "1.1.34" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "96c51067fd44124faa7f870b4b1c969379ad32b2ba805aa959430ceaa384f695" +checksum = "67b9470d453346108f93a59222a9a1a5724db32d0a4727b7ab7ace4b4d822dc9" +dependencies = [ + "shlex", +] [[package]] name = "cfg-if" @@ -86,9 +89,9 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "clap" -version = "4.5.9" +version = "4.5.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "64acc1846d54c1fe936a78dc189c34e28d3f5afc348403f28ecf53660b9b8462" +checksum = "b97f376d85a664d5837dbae44bf546e6477a679ff6610010f17276f686d867e8" dependencies = [ "clap_builder", "clap_derive", @@ -96,9 +99,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.9" +version = "4.5.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6fb8393d67ba2e7bfaf28a23458e4e2b543cc73a99595511eb207fdb8aede942" +checksum = "19bc80abd44e4bed93ca373a0704ccbd1b710dc5749406201bb018272808dc54" dependencies = [ "anstream", "anstyle", @@ -108,9 +111,9 @@ dependencies = [ [[package]] name = "clap_derive" -version = "4.5.8" +version = "4.5.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2bac35c6dafb060fd4d275d9a4ffae97917c13a6327903a8be2153cd964f7085" +checksum = "4ac6a0c7b1a9e9a5186361f67dfa1b88213572f427fb9ab038efb2bd8c582dab" dependencies = [ "heck", "proc-macro2", 
@@ -120,15 +123,15 @@ dependencies = [ [[package]] name = "clap_lex" -version = "0.7.1" +version = "0.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4b82cf0babdbd58558212896d1a4272303a57bdb245c2bf1147185fb45640e70" +checksum = "1462739cb27611015575c0c11df5df7601141071f07518d56fcc1be504cbec97" [[package]] name = "colorchoice" -version = "1.0.1" +version = "1.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b6a852b24ab71dffc585bcb46eaf7959d175cb865a7152e35b348d1b2960422" +checksum = "5b63caa9aa9397e2d9480a9b13673856c78d8ac123288526c37d7839f2a86990" [[package]] name = "errno" @@ -183,21 +186,21 @@ dependencies = [ [[package]] name = "is_terminal_polyfill" -version = "1.70.0" +version = "1.70.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f8478577c03552c21db0e2724ffb8986a5ce7af88107e6be5d2ee6e158c12800" +checksum = "7943c866cc5cd64cbc25b2e01621d07fa8eb2a1a23160ee81ce38704e97b8ecf" [[package]] name = "libc" -version = "0.2.155" +version = "0.2.161" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "97b3888a4aecf77e811145cadf6eef5901f4782c53886191b2f693f24761847c" +checksum = "8e9489c2807c139ffd9c1794f4af0ebe86a828db53ecdc7fea2111d0fed085d1" [[package]] name = "libloading" -version = "0.8.3" +version = "0.8.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0c2a198fb6b0eada2a8df47933734e6d35d350665a33a3593d7164fa52c75c19" +checksum = "4979f22fdb869068da03c9f7528f8297c6fd2606bc3a4affe42e6a823fdb8da4" dependencies = [ "cfg-if", "windows-targets", @@ -229,9 +232,9 @@ dependencies = [ [[package]] name = "pcap" -version = "2.0.0" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "45f1686828a29fd8002fbf9c01506b4b2dd575c2305e1b884da3731abae8b9e0" +checksum = "499125886165f62fbc0c095ead9189b253f48eb1c5fcab49f81a270f2f220652" dependencies = [ "bitflags", "errno", 
@@ -262,9 +265,9 @@ dependencies = [ [[package]] name = "pkg-config" -version = "0.3.30" +version = "0.3.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d231b230927b5e4ad203db57bbcbee2802f6bce620b1e4a9024a07d94e2907ec" +checksum = "953ec861398dccce10c670dfeaf3ec4911ca479e9c02154b3a215178c5f566f2" [[package]] name = "pnet" @@ -359,27 +362,27 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.85" +version = "1.0.89" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "22244ce15aa966053a896d1accb3a6e68469b97c7f33f284b99f0d576879fc23" +checksum = "f139b0662de085916d1fb67d2b4169d1addddda1919e696f3252b740b629986e" dependencies = [ "unicode-ident", ] [[package]] name = "quote" -version = "1.0.36" +version = "1.0.37" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0fa76aaf39101c457836aec0ce2316dbdc3ab723cdda1c6bd4e6ad4208acaca7" +checksum = "b5b9d34b8991d19d98081b46eacdd8eb58c6f2b201139f7c5f643cc155a633af" dependencies = [ "proc-macro2", ] [[package]] name = "regex" -version = "1.10.5" +version = "1.11.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b91213439dad192326a0d7c6ee3955910425f441d7038e0d6933b0aec5c4517f" +checksum = "b544ef1b4eac5dc2db33ea63606ae9ffcfac26c1416a2806ae0bf5f56b201191" dependencies = [ "aho-corasick", "memchr", @@ -389,9 +392,9 @@ dependencies = [ [[package]] name = "regex-automata" -version = "0.4.7" +version = "0.4.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38caf58cc5ef2fed281f89292ef23f6365465ed9a41b7a7754eb4e26496c92df" +checksum = "368758f23274712b504848e9d5a6f010445cc8b87a7cdb4d7cbee666c1288da3" dependencies = [ "aho-corasick", "memchr", 
@@ -400,30 +403,36 @@ dependencies = [ [[package]] name = "regex-syntax" -version = "0.8.4" +version = "0.8.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a66a03ae7c801facd77a29370b4faec201768915ac14a721ba36f20bc9c209b" +checksum = "2b15c43186be67a4fd63bee50d0303afffcef381492ebe2c5d87f324e1b8815c" [[package]] name = "serde" -version = "1.0.203" +version = "1.0.214" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7253ab4de971e72fb7be983802300c30b5a7f0c2e56fab8abfc6a214307c0094" +checksum = "f55c3193aca71c12ad7890f1785d2b73e1b9f63a0bbc353c08ef26fe03fc56b5" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.203" +version = "1.0.214" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "500cbc0ebeb6f46627f50f3f5811ccf6bf00643be300b4c3eabc0ef55dc5b5ba" +checksum = "de523f781f095e28fa605cdce0f8307e451cc0fd14e2eb4cd2e98a355b147766" dependencies = [ "proc-macro2", "quote", "syn", ] +[[package]] +name = "shlex" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64" + [[package]] name = "siphasher" version = "0.3.11" @@ -438,9 +447,9 @@ checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f" [[package]] name = "syn" -version = "2.0.66" +version = "2.0.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c42f3f41a2de00b01c0aaad383c5a45241efc8b2d1eda5661812fda5f3cdcff5" +checksum = "25aa4ce346d03a6dcd68dd8b4010bcb74e54e62c90c573f394c46eae99aba32d" dependencies = [ "proc-macro2", "quote", 
@@ -449,18 +458,18 @@ dependencies = [ [[package]] name = "thiserror" -version = "1.0.63" +version = "1.0.66" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c0342370b38b6a11b6cc11d6a805569958d54cfa061a29969c3b5ce2ea405724" +checksum = "5d171f59dbaa811dbbb1aee1e73db92ec2b122911a48e1390dfe327a821ddede" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.63" +version = "1.0.66" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4558b58466b9ad7ca0f102865eccc95938dca1a74a856f2b57b6629050da261" +checksum = "b08be0f17bd307950653ce45db00cd31200d82b624b36e181337d9c7d92765b5" dependencies = [ "proc-macro2", "quote", @@ -469,9 +478,9 @@ dependencies = [ [[package]] name = "unicode-ident" -version = "1.0.12" +version = "1.0.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b" +checksum = "e91b56cd4cadaeb79bbf1a5645f6b4f8dc5bde8834ad5894a8db35fda9efa1fe" [[package]] name = "utf8parse" 
@@ -516,34 +525,34 @@ dependencies = [ [[package]] name = "windows-sys" -version = "0.52.0" +version = "0.59.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" +checksum = "1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b" dependencies = [ "windows-targets", ] [[package]] name = "windows-targets" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6f0713a46559409d202e70e28227288446bf7841d3211583a4b53e3f6d96e7eb" +checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973" dependencies = [ "windows_aarch64_gnullvm", - "windows_aarch64_msvc 0.52.5", - "windows_i686_gnu 0.52.5", + "windows_aarch64_msvc 0.52.6", + "windows_i686_gnu 0.52.6", "windows_i686_gnullvm", - "windows_i686_msvc 0.52.5", - "windows_x86_64_gnu 0.52.5", + "windows_i686_msvc 0.52.6", + "windows_x86_64_gnu 0.52.6", "windows_x86_64_gnullvm", - "windows_x86_64_msvc 0.52.5", + "windows_x86_64_msvc 0.52.6", ] [[package]] name = "windows_aarch64_gnullvm" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7088eed71e8b8dda258ecc8bac5fb1153c5cffaf2578fc8ff5d61e23578d3263" +checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3" [[package]] name = "windows_aarch64_msvc" @@ -553,9 +562,9 @@ checksum = "9bb8c3fd39ade2d67e9874ac4f3db21f0d710bee00fe7cab16949ec184eeaa47" [[package]] name = "windows_aarch64_msvc" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9985fd1504e250c615ca5f281c3f7a6da76213ebd5ccc9561496568a2752afb6" +checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469" [[package]] name = "windows_i686_gnu" 
@@ -565,15 +574,15 @@ checksum = "180e6ccf01daf4c426b846dfc66db1fc518f074baa793aa7d9b9aaeffad6a3b6" [[package]] name = "windows_i686_gnu" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "88ba073cf16d5372720ec942a8ccbf61626074c6d4dd2e745299726ce8b89670" +checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b" [[package]] name = "windows_i686_gnullvm" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "87f4261229030a858f36b459e748ae97545d6f1ec60e5e0d6a3d32e0dc232ee9" +checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66" [[package]] name = "windows_i686_msvc" @@ -583,9 +592,9 @@ checksum = "e2e7917148b2812d1eeafaeb22a97e4813dfa60a3f8f78ebe204bcc88f12f024" [[package]] name = "windows_i686_msvc" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "db3c2bf3d13d5b658be73463284eaf12830ac9a26a90c717b7f771dfe97487bf" +checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66" [[package]] name = "windows_x86_64_gnu" @@ -595,15 +604,15 @@ checksum = "4dcd171b8776c41b97521e5da127a2d86ad280114807d0b2ab1e462bc764d9e1" [[package]] name = "windows_x86_64_gnu" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4e4246f76bdeff09eb48875a0fd3e2af6aada79d409d33011886d3e1581517d9" +checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78" [[package]] name = "windows_x86_64_gnullvm" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "852298e482cd67c356ddd9570386e2862b5673c85bd5f88df9ab6802b334c596" +checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d" [[package]] name = "windows_x86_64_msvc" 
@@ -613,16 +622,15 @@ checksum = "c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680" [[package]] name = "windows_x86_64_msvc" -version = "0.52.5" +version = "0.52.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bec47e5bfd1bff0eeaf6d8b485cc1074891a197ab4225d504cb7a1ab88b02bf0" +checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec" [[package]] name = "yapppwn" -version = "0.1.0" +version = "0.1.1" dependencies = [ "clap", - "hwaddr", "packet", "pcap", "pnet", diff --git a/Cargo.toml b/Cargo.toml index 583aba9..ff68af0 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,11 +1,11 @@ [package] name = "yapppwn" -version = "0.1.0" +version = "0.1.1" edition = "2021" +build = "build.rs" [dependencies] clap = { version = "4.5.9", features = ["derive"] } -hwaddr = "0.1.7" packet = "0.1.4" pnet = "0.35.0" diff --git a/build.rs b/build.rs new file mode 100644 index 0000000..01ad496 --- /dev/null +++ b/build.rs 
@@ -0,0 +1,30 @@
+use std::env;
+use std::path::PathBuf;
+
+fn main() {
+ // Get the target operating system.
+ let target_os = env::var("CARGO_CFG_TARGET_OS").unwrap();
+
+ if target_os == "windows" {
+ // Windows-specific configuration search for packet.lib
+
+ // Original path in the project
+ let lib_path = PathBuf::from(env::var("CARGO_MANIFEST_DIR").unwrap()).join("lib");
+ let lib_path_str = lib_path.to_str().expect("Failed to convert path to string");
+
+ // Additional path for packet.lib
+ let additional_lib_path = PathBuf::from("/tmp/sdk/Lib/x64/");
+ let additional_lib_path_str = additional_lib_path
+ .to_str()
+ .expect("Failed to convert additional path to string");
+
+ // Print the paths to the build script
+ println!("cargo:rustc-link-search=native={}", lib_path_str);
+ println!("cargo:rustc-link-search=native={}", additional_lib_path_str);
+ println!("cargo:rustc-link-lib=Packet");
+ } else if target_os == "macos" {
+ // macOS-specific configuration
+ println!("cargo:rustc-link-arg=-undefined");
+ println!("cargo:rustc-link-arg=dynamic_lookup");
+ }
+}
diff --git a/src/exploit/exploit.rs b/src/exploit/exploit.rs
index 0cb361c..a35f636 100644
--- a/src/exploit/exploit.rs
+++ b/src/exploit/exploit.rs
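Review bot: In build.rs the Windows branch always adds the hard-coded `/tmp/sdk/Lib/x64/` to the native link search path. That ties every Windows build to the CI layout, and on a shared build host it points the linker at a world-writable directory where another local user could place a `Packet.lib`. Take the SDK location from the environment and emit the search path only when it is set, e.g. `if let Ok(dir) = env::var("NPCAP_SDK_DIR") { println!("cargo:rustc-link-search=native={}", dir); }` together with `println!("cargo:rerun-if-env-changed=NPCAP_SDK_DIR");`. `NPCAP_SDK_DIR` is a suggested name, not an existing variable, and the release workflow would export it after unpacking the SDK.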
@@ -64,7 +64,29 @@ impl Exploit { println!("\n[+] Heap grooming...done"); } - pub fn memory_corruption(&mut self, interface: &NetworkInterface) { + pub fn attempt_memory_corruption(&mut self, interface: &NetworkInterface, retries: usize) { + for attempt in 1..=retries { + if self.memory_corruption(interface) { + println!( + "\n[+] Memory corruption succeeded on attempt {}/{}", + attempt, retries + ); + return; + } + println!( + "\n[+] Retrying memory corruption... ({}/{})", + attempt, retries + ); + } + // All attempt fail + println!( + "\n[-] Memory corruption failed after {} retries. Exiting...", + retries + ); + std::process::exit(1); + } + + pub fn memory_corruption(&mut self, interface: &NetworkInterface) -> bool { let (mut tx, mut rx) = create_ethernet_channel(interface).unwrap(); pin_to_cpu_0( @@ -109,10 +131,11 @@ impl Exploit { source_ipv6 ); self.exploit_state.source_ipv6 = source_ipv6; + true } None => { - println!("[-] Scanning for corrupted object...failed. Please retry the exploit."); - process::exit(1); + println!("\n[-] Scanning for corrupted object...failed."); + false } } } @@ -486,12 +509,12 @@ fn extract_ps4_mac(data: &[u8]) -> Option<[u8; 6]> { #[cfg(test)] mod tests { use super::*; + use crate::exploit::get_offset_from_firmware; + use crate::read_stage; use pcap::Capture; use std::fs::File; use std::io::Read; use std::io::Write; - use crate::exploit::get_offset_from_firmware; - use crate::read_stage; #[test] fn test_extract_host_uniq() { @@ -635,7 +658,8 @@ mod tests { let stage1 = read_stage("stage1/stage1.bin").unwrap(); expl_state.pppoe_softc = 0xffff9bba06f62c00; - let rust_fake_lle = build_fake_lle(&mut expl_state, &get_offset_from_firmware(1100), &stage1); + let rust_fake_lle = + build_fake_lle(&mut expl_state, &get_offset_from_firmware(1100), &stage1); // Dump the malicious LLE to a file let mut rust_file = diff --git a/src/exploit/mod.rs b/src/exploit/mod.rs index 36335fc..9991ced 100644 --- a/src/exploit/mod.rs 
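Review bot: `attempt_memory_corruption` in src/exploit/exploit.rs ends with `std::process::exit(1)` inside a method, which skips destructors and gives `run_exploit` no way to clean up or choose the exit code. Returning `bool`, as `memory_corruption` now does, and letting `main` decide would keep process control in one place. The `Retrying memory corruption...` message is printed after every failed attempt, including the last, so the output announces a retry that never happens; guard it with `if attempt < retries`. The parameter is really a total attempt count (the loop is `1..=retries`, so `0` means no attempt at all), and a doc comment on the method should say so.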
+++ b/src/exploit/mod.rs @@ -12,3 +12,4 @@ extern crate pnet; pub use exploit::{build_fake_ifnet, print_current_state, Exploit, ExploitState}; pub use lcp_echo_handler::LcpEchoHandler; pub use offsets::{get_offset_from_firmware, Offsets}; +pub use utils::list_interfaces; diff --git a/src/exploit/utils.rs b/src/exploit/utils.rs index 88a24fb..9f25b06 100644 --- a/src/exploit/utils.rs +++ b/src/exploit/utils.rs @@ -12,6 +12,13 @@ use pnet::datalink::Channel::Ethernet; use pnet::datalink::Config; use pnet::datalink::{self, DataLinkReceiver, DataLinkSender, NetworkInterface}; +pub fn list_interfaces() { + let interface_list = datalink::interfaces(); + for interface in interface_list { + println!("{}", interface.name); + } +} + pub fn create_ethernet_channel( interface: &NetworkInterface, ) -> Option<(Box, Box)> { diff --git a/src/main.rs b/src/main.rs index f5aeac6..2e84eba 100644 --- a/src/main.rs +++ b/src/main.rs @@ -2,7 +2,10 @@ mod constants; mod exploit; mod parser; -use exploit::{build_fake_ifnet, get_offset_from_firmware, print_current_state, Exploit, Offsets}; +use exploit::{ + build_fake_ifnet, get_offset_from_firmware, list_interfaces, print_current_state, Exploit, + Offsets, +}; use parser::{get_args, Args}; use pnet::datalink::{self}; @@ -21,6 +24,7 @@ fn run_exploit( offsets: &Offsets, stage1_path: String, stage2_path: String, + mem_corruption_retries: usize, ) { // Find interface let interface = datalink::interfaces() @@ -61,7 +65,8 @@ fn run_exploit( println!("\n[+] STAGE 1: Memory corruption"); print_current_state(&expl.exploit_state); - expl.memory_corruption(&interface); + + expl.attempt_memory_corruption(&interface, mem_corruption_retries); print_current_state(&expl.exploit_state); 
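Review bot: `list_interfaces` in src/exploit/utils.rs is a new public function without a doc comment, and it prints only `interface.name`. Add `/// Prints the name of every datalink interface reported by pnet, one per line.` above it. Since this commit adds a Windows target, where interface names tend to be opaque device paths, printing `interface.description` next to the name would probably make the list easier to match to an adapter; that is worth confirming on a Windows host.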
@@ -89,9 +94,31 @@ fn run_exploit( fn main() { println!(); - println!("[+] YAPPPWN [+]"); let args: Args = get_args(); + // Just print list of interfaces and exit + if args.list_interfaces { + list_interfaces(); + std::process::exit(0) + } + + println!("[+] YAPPPWN [+]"); println!("{}", args); - let offsets = get_offset_from_firmware(args.fw); - run_exploit(args.interface, &offsets, args.stage_1, args.stage_2) + + // Check if minimum reqs are there + if args.interface.is_none() + || args.fw.is_none() + || args.stage_1.is_none() + || args.stage_2.is_none() + { + eprintln!("Error: --interface, --fw, --stage_1, and --stage_2 must be provided."); + std::process::exit(1); + } + + let interface = args.interface.unwrap(); + let fw = args.fw.unwrap(); + let stage_1 = args.stage_1.unwrap(); + let stage_2 = args.stage_2.unwrap(); + let offsets = get_offset_from_firmware(fw); + + run_exploit(interface, &offsets, stage_1, stage_2, args.retries.unwrap()) } diff --git a/src/parser.rs b/src/parser.rs index ce65ffe..5ce177b 100644 --- a/src/parser.rs +++ b/src/parser.rs 
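Review bot: In `main` (src/main.rs) the `is_none()` chain and the four later `unwrap()` calls are kept apart, so a future edit to one side can leave an `unwrap()` that panics. Bind and check in one step with `let (Some(interface), Some(fw), Some(stage_1), Some(stage_2)) = (args.interface, args.fw, args.stage_1, args.stage_2) else { /* eprintln + exit(1) */ };`. The error text names `--stage_1` and `--stage_2`, but clap's derive normally renders field names in kebab-case (`--stage-1`), so the message likely shows flags that do not parse; check it against `--help`. `args.retries.unwrap()` depends on the `default_value` declared in parser.rs, so an `expect("retries has a default")` or a non-optional field would make that invariant visible here.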
@@ -1,30 +1,56 @@ -use clap::Parser; +use clap::{ArgGroup, Parser}; use std::fmt::{Display, Formatter, Result}; #[derive(Parser, Debug)] #[command(version, about="YAPPPWN, Yet Another PPPwn (in Rust)", long_about = None)] +#[command(group = ArgGroup::new("exploit") + .args(&["interface", "fw", "stage_1", "stage_2", "retries"]) + .multiple(true) + .required(false) +)] pub struct Args { /// Interface where the ps4 is connected to #[arg(short, long)] - pub interface: String, + pub interface: Option, /// Firmware version from 1100 (11.00) to 900 (9.00) #[arg(long)] - pub fw: u32, + pub fw: Option, /// Stage 1 Payload Path #[arg(long)] - pub stage_1: String, + pub stage_1: Option, /// Stage 2 Payload Path #[arg(long)] - pub stage_2: String, + pub stage_2: Option, + /// Automatic retries for memory corruption stage + #[arg(short, default_value = "3")] + pub retries: Option, + /// List all network interfaces and exit + #[arg(long)] + pub list_interfaces: bool, } impl Display for Args { fn fmt(&self, f: &mut Formatter<'_>) -> Result { - // Manually format each field in the Args struct - writeln!(f, "[+] Selected interface = {}", self.interface)?; - writeln!(f, "[+] Selected firmare = {}", self.fw)?; - writeln!(f, "[+] Selected stage 1 payload = {}", self.stage_1)?; - writeln!(f, "[+] Selected stage 2 payload = {}", self.stage_2)?; + // Print only if the option is present + if let Some(interface) = &self.interface { + writeln!(f, "[+] Selected interface = {}", interface)?; + } + if let Some(fw) = &self.fw { + writeln!(f, "[+] Selected firmware = {}", fw)?; + } + if let Some(stage_1) = &self.stage_1 { + writeln!(f, "[+] Selected stage 1 payload = {}", stage_1)?; + } + if let Some(stage_2) = &self.stage_2 { + writeln!(f, "[+] Selected stage 2 payload = {}", stage_2)?; + } + if let Some(retries) = &self.retries { + writeln!( + f, + "[+] Automatic retries for memory corruption = {}", + retries + )?; + } Ok(()) } }
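Review bot: The `ArgGroup::new("exploit")` added in src/parser.rs uses `.multiple(true)` and `.required(false)`, which places no constraint on parsing, so required-argument validation has moved out of clap into hand-written checks in `main`. Keeping the fields optional but adding `required_unless_present = "list_interfaces"` to each `#[arg(...)]` lets clap report the missing flag itself, and the group can then be dropped. `retries` has a default and is therefore never `None`; declare it as a plain integer with `default_value_t = 3`. It is also declared with `#[arg(short, ...)]` only, so it has `-r` but no long form, unlike the other options.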