I just popped a SYSTEM shell on a Windows 7 machine using my own penetration testing framework written entirely in Rust.

Amatsumara is a full exploitation framework including dynamic module loading via C FFI, interactive console, session management, 154 exploit modules, all built in Rust. Tonight I finished implementing EternalBlue (MS17-010) from scratch. Heap grooming, the SrvOs2FeaListToNt integer overflow, kernel shellcode, SrvNet buffer corruption, OS detection to automatically route between Win7 and Win8 exploit paths.

Now I have to try to find a way to sleep and not keep messing around in excitement.

#Rust #RustLang #Infosec #Cybersecurity #PenTesting #EternalBlue #MS17010 #ExploitDevelopment #CTF #TryHackMe #RedTeam #Hacking #OpenSource

@Kosei is it open source?
GitHub - lorsupra/Amatsumara-Framework

@Kosei thx, I might be able to help out with writing exploit implementations or maybe work on the framework itself, if you would like me to
@Kosei is it really implemented from scratch when Claude coded it, which probably has seen other exploit code for EternalBlue in its training data?
@j_r you could argue that. But translating very complex exploits from GitHub PoCs to Rust with an assistant seems to be the smart option imho