pwnjs's Introduction

pwn.js

Basic Usage

Pre-built version of the library is located at /dist/pwn.js. API documentation is available in /docs or here, and examples of complete exploits are in /examples.

If you want to implement a new Chakra exploit, you can use this basic template:

var Exploit = (function() {
    var ChakraExploit = pwnjs.ChakraExploit,
        Integer = pwnjs.Integer;

    function Exploit() {
        ChakraExploit.call(this);
        // TODO: implement your exploit
        // TODO: leak any Chakra.dll address (e.g. a vtable)
        this.initChakra(vtable);
    }
    Exploit.prototype = Object.create(ChakraExploit.prototype);
    Exploit.prototype.constructor = Exploit;
    Exploit.prototype.read = function (address, size) {
        switch (size) {
            case 8:
            case 16:
            case 32:
            case 64:
                // TODO: implement memory read of address
        }
    }
    Exploit.prototype.write = function (address, value, size) {
        switch (size) {
            case 8:
            case 16:
            case 32:
            case 64:
                // TODO: implement memory write of value to address
        }
    }
    return Exploit;
})();

Using an exploit in a payload is easier if you use the deprecated with statement:

with (new Exploit()) {
    var malloc = importFunction('msvcrt.dll', 'malloc', Uint8Ptr);
    // ...
}

You can also define an Exploit object (non-deprecated, but more verbose):

var e = new Exploit();
var malloc = e.importFunction('msvcrt.dll', 'malloc', Uint8Ptr);
// ...

Build Instructions

You can rebuild the library using webpack:

$ npm install
$ npm run build

You can rebuild the documentation using jsdoc:

$ npm run jsdoc

Also, you can run a small HTTP server to host the documentation and examples:

$ npm start

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.

Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

TensorFlow

An Open Source Machine Learning Framework for Everyone

Django

The Web framework for perfectionists with deadlines.

Laravel

A PHP framework for web artisans

D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

web

Some thing interesting about web. New door for the world.

server

A server is a program made to process requests and deliver data to clients.

Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

Visualization

Some thing interesting about visualization, use data art

Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.

Microsoft

Open source projects and samples from Microsoft.

Google

Google ❤️ Open Source for everyone.

Alibaba

Alibaba Open Source for everyone

D3

Data-Driven Documents codes.

Tencent

China tencent open source team.

anthrax3 / pwnjs Goto Github PK