To add an exploit one has to go through a similar process as with the hardware profile, but in the case of the exploits, there are more options to provide and set.
If a new exploit needs a new hardware support then you first need to add a hardware profile, otherwise, you should use the default hardware profile.
To add an actual exploit profile you need to go through the following process:
name: "internalblue_CVE_2018_5383_Invalid"
author: "Internalblue team"
type: "PoC"
mass_testing: true
bt_version_min: 2.0
bt_version_max: 5.2
hardware: "nexus5"
command: "./internalblue_CVE_2018_5383_Invalid.sh"
parameters:
- name: "target"
name_required: false
type: "str"
help: "Target MAC address"
required: true
is_target_param: true
parameter_connector: " "
- name: "directory"
name_required: false
type: "str"
help: "Directory to save output"
required: true
is_target_param: false
parameter_connector: " "
log_pull:
in_command: true
pull_parameter: "directory"
directory:
change: true
directory: "modules/tools/custom_exploits"
3. With that you added an exploit, and you can verify that with the following command
sudo -E env PATH=$PATH bluekit -l
from bluekit.report import report_not_vulnerable, report_vulnerable, report_error
report_vulnerable("STRING YOU WANT TO APPEAR IN THE LOGS")
from bluekit.report import report_not_vulnerable, report_vulnerable, report_error
report_not_vulnerable("STRING YOU WANT TO APPEAR IN THE LOGS")
This Python script for Linux can analyze Microsoft Windows *.msi Installer files and point out…
Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks…
Discover your application security risks and vulnerabilities in only a few minutes. In this guide…
The idea behind waymore is to find even more links from the Wayback Machine than…
The Pycript extension for Burp Suite is a valuable tool for penetration testing and security…
For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and…