To add an exploit one has to go through a similar process as with the hardware profile, but in the case of the exploits, there are more options to provide and set.
If a new exploit needs a new hardware support then you first need to add a hardware profile, otherwise, you should use the default hardware profile.
To add an actual exploit profile you need to go through the following process:
name: "internalblue_CVE_2018_5383_Invalid"
author: "Internalblue team"
type: "PoC"
mass_testing: true
bt_version_min: 2.0
bt_version_max: 5.2
hardware: "nexus5"
command: "./internalblue_CVE_2018_5383_Invalid.sh"
parameters:
- name: "target"
name_required: false
type: "str"
help: "Target MAC address"
required: true
is_target_param: true
parameter_connector: " "
- name: "directory"
name_required: false
type: "str"
help: "Directory to save output"
required: true
is_target_param: false
parameter_connector: " "
log_pull:
in_command: true
pull_parameter: "directory"
directory:
change: true
directory: "modules/tools/custom_exploits"
3. With that you added an exploit, and you can verify that with the following command
sudo -E env PATH=$PATH bluekit -l
from bluekit.report import report_not_vulnerable, report_vulnerable, report_error
report_vulnerable("STRING YOU WANT TO APPEAR IN THE LOGS")
from bluekit.report import report_not_vulnerable, report_vulnerable, report_error
report_not_vulnerable("STRING YOU WANT TO APPEAR IN THE LOGS")
Starship is a powerful, minimal, and highly customizable cross-shell prompt designed to enhance the terminal…
Lemmy is an innovative, open-source platform designed for link aggregation and discussion, providing a decentralized…
The latest release of ImHex v1.37.0 introduces a host of exciting features and improvements, enhancing…
Ghauri is a cutting-edge, cross-platform tool designed to automate the detection and exploitation of SQL…
Writing tools have become indispensable for individuals looking to enhance their writing efficiency, accuracy, and…
PatchWerk is a proof-of-concept (PoC) tool designed to clean NTDLL syscall stubs by patching syscall…