lisa.py

lisa.py is an Exploit Development Swiss Army Knife. It provides an interactive environment for working with macOS/iOS binaries and offers a suite of commands to analyze, manipulate, and explore potentially vulnerable processes. Key capabilities include integrating with the LLDB-based workflow, extracting shellcode samples from shell-storm, and performing common exploit-development tasks such as pattern creation and offset finding. The toolset is designed to streamline research on crashes, provide quick exploitability checks, and give quick access to shellcode payloads for testing in a controlled session.

Within the lisa.py interface, you can inspect and control a target process, search for relevant shellcode, launch applications, and generate displacement patterns. For example, exploitable checks help determine if a crash is amenable to exploitation, shellcode search connects to shell-storm to fetch candidate payloads, and patterncreate/patternoffset assist in locating the offset of an overflow. The environment emphasizes an integrated, interactive exploration workflow rather than a single scripted task, making it suitable for rapid prototyping and exploratory analysis.

Prerequisites:

• Python 3.x installed
• pip available
• Network access to fetch dependencies

Installation steps:

1. Ensure you have the project files (lisa.py and requirements.txt) in your working directory.

2. Install required Python packages:

   pip install -r requirements.txt

3. Optionally copy configuration files as needed by your environment (the README suggests placing lisa.py in your home directory and ensuring any LLDB-related setup is accessible).

4. Run lisa.py to start the interactive environment:

   python lisa.py

If you prefer isolation, consider using a virtual environment:

python -m venv venv source venv/bin/activate # on Unix-like systems pip install -r requirements.txt python lisa.py

Notes and tips:

• The project appears to rely on LLDB and external resources (e.g., shellcode databases) for functionality. Ensure you have the appropriate debugger and permissions.
• If a required dependency cannot be installed, verify network access and Python version compatibility.
• The shellcode search feature connects to an online repository; ensure you have network connectivity and consider rate limits or firewall restrictions.
• The provided commands are demonstrated in a macOS-like session; if you are on another platform, some workflows or binary paths may differ.
• If you encounter permissions issues when installing requirements, try using sudo cautiously or set up a virtual environment as shown in the installation steps.