There are bits of code everyone has written a million times, and everyone has their own way of doing it. Pwntools aims to provide all of these in a semi-standard way, so that you can stop copy-pasting the same struct.unpack(‘>I’, x) code around and instead use more slightly more legible wrappers like pack or p32 or even p64(…, endian=’big’, sign=True).

Aside from convenience wrappers around mundane functionality, it also provides a very rich set of tubes which wrap all of the IO that you’ll ever perform in a single, unifying interface. Switching from a local exploit to a remote exploit, or local exploit over SSH becomes a one-line change.

Last but not least, it also includes a wide array of exploitation assistance tools for intermediate-to-advanced use cases. These include remote symbol resolution given a memory disclosure primitive (MemLeak and DynELF), ELF parsing and patching (ELF), and ROP gadget discovery and call-chain building (ROP).

Changelog v4.1

• #1316 Fix connect shellcraft in python 3
• #1323 Fix issues related with debugging
• #1001 Enhance unlock_bootloader with better status messages
• #1389 remove old dependencies
• #1241 Launch QEMU with sysroot if specified
• #1218 Support for FileStructure exploitation
• Many bug fixes

Download && Tutorial

Copyright (c) 2015 Gallopsled et al.