pwntools is a Python library (and CLI toolset) for writing exploits and interacting with binaries.
It wraps sockets, processes, integer packing and ELF parsing, so an exploit script takes far less boilerplate than it used to.
```python
#!/usr/bin/python
from pwn import *

# Remote connection (a "tube": the same send/recv API works for process() and ssh())
r = remote("{IP}", PORT)

# Write payload to exploit
payload = ...

# Send data to {IP}
r.send(payload)                                   # raw bytes, no newline
r.sendline(payload)                               # appends "\n"
r.sendafter("{STRING FROM REMOTE}", payload)      # wait for the string, then send
r.sendlineafter("{STRING FROM REMOTE}", payload)

# Receive data from remote
r.recv(n)                                         # up to n bytes
r.recvline()                                      # up to and including "\n"
r.recvuntil("{STRING}")                           # everything up to and including the string
# ... and more

# Pack integers to bytes / unpack bytes to integers
# Both directions are little-endian by default; pass endian="big"
# or set context.endian = "big" for big-endian targets.
p32(VALUE)            # int -> 4 bytes
p64(VALUE)            # int -> 8 bytes
hex(u32(VALUE))       # 4 bytes -> int
hex(u64(VALUE))       # 8 bytes -> int

# PLT (Procedure Linkage Table) and GOT (Global Offset Table) addresses
e = ELF('{FILE}')
puts_plt = e.plt['puts']
read_got = e.got['read']

# Set architecture (also sets word size and endianness for pack/unpack and shellcraft)
context.arch = "amd64"  # or i386, arm

# Generate shell-spawning shellcode automatically for context.arch
s = shellcraft.sh()
```
We can easily perform exploits using the above.