Unduhan PPPwnUI - Unduhan kode sumber PPPwnUI

PPPwnUI

Kode sumber lainnya

PPPwnUI Release 4.1

Unduh

PPPwnUI

PPPwnUI adalah program yang dibuat dengan Python yang menambahkan UI pada eksploitasi PPPwn yang dibuat oleh TheFlow.

Instalasi:

Kloning repositori:

git clone https://github.com/B-Dem/PPPwnUI

Instal persyaratan:

pip install -r requirements.txt

Penggunaan :

Luncurkan aplikasi dengan
jendela :
PPPwnUI.bat
Linux :
```
chmod +x PPPwnUI.sh
```
Kemudian :
```
./PPPwnUI.sh
```
Pilih Antarmuka Anda menggunakan menu tarik-turun
Pilih Antara Versi Eksploitasi yang ingin Anda gunakan (PPPwn Python, PPPwn_Go)
Pilih Payload Anda Antara :
PPPwn : (Tersedia untuk : 7.00, 7.01, 7.02, 7.50, 7.51, 7.55, 8.00, 8.01, 8.03, 8.50, 8.52, 9.00, 9.03, 9.04, 9.50, 9.51, 9.60, 10.00, 10 .01, 10.50, 10.70, 10.71 & 11.00)
Muatan PPPwn Goldhen : (Tersedia untuk : 9.00, 9.60, 10.00, 10.01 & 11.00)
VTX HEN : (Tersedia untuk : 7.55, 8.00, 8.03, 8.50, 8.52, 9.00, 9.03, 9.04, 10.00, 10.01 10.50, 10.70, 10.71 & 11.00)
Payload Linux PPPwn : (Tersedia untuk : 11.00)
Muatan Khusus : (Muatan khusus Anda sendiri)
Kemudian klik Mulai PPPwn untuk memulai Eksploitasi.

Penggunaan PPPwn:

Di PS4 Anda:

Buka Settings lalu Network
Pilih Set Up Internet connection dan pilih Use a LAN Cable
Pilih Pengaturan Custom dan pilih PPPoE untuk IP Address Settings
Masukkan apa saja untuk PPPoE User ID dan PPPoE Pasword
Pilih Automatic untuk DNS Settings dan MTU Settings
Pilih Do Not Use untuk Proxy Server
Klik Test Internet Connection untuk berkomunikasi dengan komputer Anda

Jika eksploitasi gagal atau PS4 mogok, Anda dapat melewati pengaturan internet dan cukup klik Test Internet Connection . Jika skrip gagal atau macet menunggu permintaan/respons, batalkan dan jalankan lagi di komputer Anda, lalu klik Test Internet Connection di PS4 Anda.

Penggunaan Emas:

Di Komputer Anda:

Salin goldhen.bin ke direktori root USB exfat/fat32 dan masukkan ke PS4 Anda.

Contoh dijalankan:

[+] PPPwn - PlayStation 4 PPPoE RCE by theflow
[+] args: interface=enp0s3 fw=1100 stage1=stage1/stage1.bin stage2=stage2/stage2.bin
[+] Using PPPwnUI By Memz !

[+] STAGE 0: Initialization
[ * ] Waiting for PADI...
[+] pppoe_softc: 0xffffabd634beba00
[+] Target MAC: xx:xx:xx:xx:xx:xx
[+] Source MAC: 07:ba:be:34:d6:ab
[+] AC cookie length: 0x4e0
[ * ] Sending PADO...
[ * ] Waiting for PADR...
[ * ] Sending PADS...
[ * ] Waiting for LCP configure request...
[ * ] Sending LCP configure ACK...
[ * ] Sending LCP configure request...
[ * ] Waiting for LCP configure ACK...
[ * ] Waiting for IPCP configure request...
[ * ] Sending IPCP configure NAK...
[ * ] Waiting for IPCP configure request...
[ * ] Sending IPCP configure ACK...
[ * ] Sending IPCP configure request...
[ * ] Waiting for IPCP configure ACK...
[ * ] Waiting for interface to be ready...
[+] Target IPv6: fe80::2d9:d1ff:febc:83e4
[+] Heap grooming...done

[+] STAGE 1: Memory corruption
[+] Pinning to CPU 0...done
[ * ] Sending malicious LCP configure request...
[ * ] Waiting for LCP configure request...
[ * ] Sending LCP configure ACK...
[ * ] Sending LCP configure request...
[ * ] Waiting for LCP configure ACK...
[ * ] Waiting for IPCP configure request...
[ * ] Sending IPCP configure NAK...
[ * ] Waiting for IPCP configure request...
[ * ] Sending IPCP configure ACK...
[ * ] Sending IPCP configure request...
[ * ] Waiting for IPCP configure ACK...
[+] Scanning for corrupted object...found fe80::0fdf:4141:4141:4141

[+] STAGE 2: KASLR defeat
[ * ] Defeating KASLR...
[+] pppoe_softc_list: 0xffffffff884de578
[+] kaslr_offset: 0x3ffc000

[+] STAGE 3: Remote code execution
[ * ] Sending LCP terminate request...
[ * ] Waiting for PADI...
[+] pppoe_softc: 0xffffabd634beba00
[+] Target MAC: xx:xx:xx:xx:xx:xx
[+] Source MAC: 97:df:ea:86:ff:ff
[+] AC cookie length: 0x511
[ * ] Sending PADO...
[ * ] Waiting for PADR...
[ * ] Sending PADS...
[ * ] Triggering code execution...
[ * ] Waiting for stage1 to resume...
[ * ] Sending PADT...
[ * ] Waiting for PADI...
[+] pppoe_softc: 0xffffabd634be9200
[+] Target MAC: xx:xx:xx:xx:xx:xx
[+] AC cookie length: 0x0
[ * ] Sending PADO...
[ * ] Waiting for PADR...
[ * ] Sending PADS...
[ * ] Waiting for LCP configure request...
[ * ] Sending LCP configure ACK...
[ * ] Sending LCP configure request...
[ * ] Waiting for LCP configure ACK...
[ * ] Waiting for IPCP configure request...
[ * ] Sending IPCP configure NAK...
[ * ] Waiting for IPCP configure request...
[ * ] Sending IPCP configure ACK...
[ * ] Sending IPCP configure request...
[ * ] Waiting for IPCP configure ACK...

[+] STAGE 4: Arbitrary payload execution
[ * ] Sending stage2 payload...
[+] Done !