Hyunseung Ha
[PWN.03] Exploitation with pwntools

pwntools is a Python library for writing exploits.
With it, exploitation is much easier than it used to be by hand.

#!/usr/bin/python
from pwn import *

# Remote connection
r = remote("{IP}", PORT)

# Write payload to exploit
payload = ...

# Send data to {IP}
r.send(payload)
r.sendline(payload)                               # same as send, but appends a newline
r.sendafter("{STRING FROM REMOTE}", payload)      # wait for the string, then send
r.sendlineafter("{STRING FROM REMOTE}", payload)

# Receive data from remote
r.recv(NUM_BYTES)
r.recvline()
r.recvuntil("{STRING}")
# ... and more

# Packing and unpacking (endianness follows context.endian, little endian by default)
# bytes -> int
hex(u32(BYTES))
hex(u64(BYTES))

# int -> bytes
p32(VALUE)
p64(VALUE)

# For PLT (Procedure Linkage Table) and GOT (Global Offset Table)
e = ELF('{FILE}')
puts_plt = e.plt['puts']
read_got = e.got['read']

# Set architecture
context.arch = "amd64" # or i386, arm

# Generate shell-spawning shellcode automatically
s = shellcraft.sh()

We can easily perform exploits using the above.
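The packing helpers are the part of the cheat sheet that is easiest to get wrong, so here is an added example (not from the original post, and not pwntools' own code) that reimplements p32/p64/u32/u64 on top of the standard struct module with an explicit endianness parameter, then shows the two things an exploit script does with them: turning a leaked address received with recv()/recvline() back into an integer, and assembling a payload of padding plus packed addresses. All addresses and byte strings below are constructed sample values, not taken from any real binary.

```python
import struct

# struct format strings: '<' is little-endian, '>' is big-endian.
_FMT = {
    (32, "little"): "<I", (32, "big"): ">I",
    (64, "little"): "<Q", (64, "big"): ">Q",
}


def p32(value, endian="little"):
    """Pack an integer into 4 bytes, like pwntools' p32 (little-endian by default)."""
    return struct.pack(_FMT[(32, endian)], value & 0xFFFFFFFF)


def p64(value, endian="little"):
    """Pack an integer into 8 bytes, like pwntools' p64 (little-endian by default)."""
    return struct.pack(_FMT[(64, endian)], value & 0xFFFFFFFFFFFFFFFF)


def u32(data, endian="little"):
    """Unpack exactly 4 bytes into an integer, like pwntools' u32."""
    return struct.unpack(_FMT[(32, endian)], data)[0]


def u64(data, endian="little"):
    """Unpack exactly 8 bytes into an integer, like pwntools' u64."""
    return struct.unpack(_FMT[(64, endian)], data)[0]


def leak_to_addr(leak):
    """Convert a short leaked pointer into an integer.

    x86-64 user-space pointers usually arrive as 6 bytes because the top two
    bytes are zero, so they are right-padded with NUL bytes first; this is the
    common u64(leak.ljust(8, b"\\x00")) idiom.
    """
    if len(leak) > 8:
        raise ValueError("leak longer than a 64-bit word")
    return u64(leak.ljust(8, b"\x00"))


def parse_hex_leak(line):
    """Extract the first 0x-prefixed hex number from a line received with recvline()."""
    text = line.decode("ascii", errors="replace")
    start = text.find("0x")
    if start == -1:
        raise ValueError("no hex address in line")
    end = start + 2
    while end < len(text) and text[end] in "0123456789abcdefABCDEF":
        end += 1
    return int(text[start:end], 16)


def build_payload(padding_len, words, word_size=64):
    """Assemble a classic payload: padding bytes followed by packed machine words."""
    pack = p64 if word_size == 64 else p32
    return b"A" * padding_len + b"".join(pack(w) for w in words)


if __name__ == "__main__":
    # Constructed sample values; nothing here comes from a real target.
    print(p32(0xDEADBEEF))                                   # b'\xef\xbe\xad\xde' (little-endian default)
    print(p32(0xDEADBEEF, "big"))                            # b'\xde\xad\xbe\xef'
    print(hex(u32(b"\xef\xbe\xad\xde")))                     # 0xdeadbeef
    print(hex(leak_to_addr(b"\x00\x10\xa0\xf7\xff\x7f")))    # 0x7ffff7a01000
    print(hex(parse_hex_leak(b"puts @ 0x7ffff7e50590\n")))  # 0x7ffff7e50590
    print(build_payload(8, [0x401136]))                      # b'AAAAAAAA6\x11@\x00\x00\x00\x00\x00'
```

The naming mirrors pwntools on purpose: p* packs an integer into bytes and u* unpacks bytes into an integer, and both default to little-endian (pwntools takes the default from context.endian). Note that hex() only accepts the integer side, so hex(u32(...)) is meaningful while hex(p32(...)) is a TypeError.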
