mcdxn / exploit-primitive-playground


Exploit Primitive Platform

Welcome to Red Canary's Exploit Primitive Platform!

This project helps researchers, redteamers, and defenders better understand exploitation techniques for Linux by providing an intentionally vulnerable service with ready-to-use exploit primitives like stack-out-of-bounds, arbitrary-write, and arbitrary-read vulnerabilities.

Using these primitives, you can try your hand at testing, or advancing, attack techniques such as file-less, in-memory remote code execution. This is useful for advancing the state of the art in tradecraft, while also enabling teams to test real-world scenarios to determine whether their existing security investments prevent, detect, or even observe these attacks.

Usage

Build the project.

make

Run the vulnerable service on a non-production system (it’s an exploitable service).

build/_X86_64/epp LHOST LPORT

On the same system, or on another system with network connectivity to the target, run an example script to exploit a vulnerability and run untrusted code. For example, to chain the stack-out-of-bounds and arbitrary-read vulnerabilities so that malicious code executes entirely within the process memory of the vulnerable service (fileless), run one of the following commands:

./examples/remote_command_execution.py RHOST RPORT ~/YOUR_RAW_SHELLCODE
./examples/remote_code_execution.py RHOST RPORT ~/YOUR_RAW_SHELLCODE

Note: Raw shellcode can be generated using frameworks like Metasploit (see here).
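As an added example (not part of the project's own code), a defender-side check to run against the service process while the example scripts are exercised: it parses /proc/PID/maps and flags executable mappings that are anonymous, memfd-backed, deleted, or both writable and executable. That in-memory code execution leaves such a mapping behind is an assumption, since the page does not describe the exploit's mechanics; the sample maps text and the install path in it are constructed.

```python
import re
import sys
from pathlib import Path

# One /proc/<pid>/maps line, fields as documented in proc(5).
MAPS_RE = re.compile(
    r"^(?P<start>[0-9a-f]+)-(?P<end>[0-9a-f]+)\s+(?P<perms>[rwxps-]{4})\s+"
    r"(?P<offset>[0-9a-f]+)\s+(?P<dev>\S+)\s+(?P<inode>\d+)\s*(?P<path>.*)$"
)

# Constructed sample: a small epp process with two regions a defender
# would want to see (an anonymous rwx page and a deleted memfd image).
SAMPLE_MAPS = """\
00400000-00401000 r-xp 00000000 08:01 1234 /opt/epp/build/_X86_64/epp
00601000-00602000 rw-p 00001000 08:01 1234 /opt/epp/build/_X86_64/epp
7f1a2c000000-7f1a2c021000 rw-p 00000000 00:00 0
7f1a2c200000-7f1a2c201000 rwxp 00000000 00:00 0
7f1a2c3e5000-7f1a2c3e6000 r-xp 00000000 00:05 1 /memfd:payload (deleted)
7f1a2c400000-7f1a2c5c0000 r-xp 00000000 08:01 5678 /usr/lib/x86_64-linux-gnu/libc.so.6
7ffc9d3a0000-7ffc9d3c1000 rw-p 00000000 00:00 0 [stack]
7ffc9d3f4000-7ffc9d3f6000 r-xp 00000000 00:00 0 [vdso]
"""

def parse_maps(text):
    """Parse maps text into a list of region dicts; malformed lines are skipped."""
    regions = []
    for line in text.splitlines():
        m = MAPS_RE.match(line.strip())
        if not m:
            continue
        d = m.groupdict()
        d["start"], d["end"] = int(d["start"], 16), int(d["end"], 16)
        d["path"] = d["path"].strip()
        regions.append(d)
    return regions

def suspicious_regions(regions):
    """Executable regions with no legitimate file backing, or writable+executable."""
    benign_kernel = ("[vdso]", "[vsyscall]")
    flagged = []
    for r in regions:
        p, perms = r["path"], r["perms"]
        if "x" not in perms or p in benign_kernel:
            continue
        not_file_backed = p == "" or p.startswith("[") or p.startswith("/memfd:") or p.endswith("(deleted)")
        if not_file_backed or "w" in perms:
            flagged.append(r)
    return flagged

def scan_process(pid):
    """Read the live maps of a process and return the flagged regions."""
    return suspicious_regions(parse_maps(Path(f"/proc/{pid}/maps").read_text()))

if __name__ == "__main__":
    hits = scan_process(int(sys.argv[1])) if len(sys.argv) > 1 else suspicious_regions(parse_maps(SAMPLE_MAPS))
    for r in hits:
        print(f"{r['start']:012x}-{r['end']:012x} {r['perms']} {r['path'] or '<anonymous>'}")
```

Run it with the PID of the epp process before and after an example script, and compare the output; with no argument it scans the constructed sample instead.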

Contributing

We are open to contributions for both examples and primitives.

About

License: MIT License
