Skip to content
/ BroIDS_Unicorn Public

simple plugin to detect shellcode on Bro IDS with Unicorn

33 stars 12 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Mipu94/BroIDS_Unicorn

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
bro
bro
 
 
exploit_code
exploit_code
 
 
slide_report
slide_report
 
 
vulnserver
vulnserver
 
 
README.md
README.md
 
 

Repository files navigation

#BroIDS_Unicorn

simple plugin to detect shellcode on Bro IDS with Unicorn

install bro and addon broccoli-python:

https://www.bro.org https://github.com/bro/broccoli-python

install unicorm-engine:

https://github.com/unicorn-engine/unicorn

##Vuln server:

new terminal run bro:

bro -i eth0 bro/detector.bro

new terminal run unicorn:

python bro/checkshell.py

run vuln service:

cd vulnserver

./socat.sh vuln

##client

change ip -> vuln server

run exploit

python exploit_code/pwn.py

##Video demo

https://youtu.be/0nd1XJ9I4pQ

About

simple plugin to detect shellcode on Bro IDS with Unicorn

Resources

Readme
Activity

Stars

33 stars

Watchers

3 watching

Forks

12 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages