To add an exploit one has to go through a similar process as with the hardware profile, but in the case of the exploits, there are more options to provide and set.
If a new exploit needs a new hardware support then you first need to add a hardware profile, otherwise, you should use the default hardware profile.
To add an actual exploit profile you need to go through the following process:
name: "internalblue_CVE_2018_5383_Invalid"
author: "Internalblue team"
type: "PoC"
mass_testing: true
bt_version_min: 2.0
bt_version_max: 5.2
hardware: "nexus5"
command: "./internalblue_CVE_2018_5383_Invalid.sh"
parameters:
- name: "target"
name_required: false
type: "str"
help: "Target MAC address"
required: true
is_target_param: true
parameter_connector: " "
- name: "directory"
name_required: false
type: "str"
help: "Directory to save output"
required: true
is_target_param: false
parameter_connector: " "
log_pull:
in_command: true
pull_parameter: "directory"
directory:
change: true
directory: "modules/tools/custom_exploits"
3. With that you added an exploit, and you can verify that with the following command
sudo -E env PATH=$PATH bluekit -l
from bluekit.report import report_not_vulnerable, report_vulnerable, report_error
report_vulnerable("STRING YOU WANT TO APPEAR IN THE LOGS")
from bluekit.report import report_not_vulnerable, report_vulnerable, report_error
report_not_vulnerable("STRING YOU WANT TO APPEAR IN THE LOGS")
Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
If you are working with Linux or writing bash scripts, one of the most common…
What is a bash case statement? A bash case statement is a way to control…
Why Do We Check Files in Bash? When writing a Bash script, you often work…