pwntools v4.10 releases: CTF framework and exploit development library
pwntools – CTF toolkit
Pwntools is a CTF framework and exploit development library. Written in Python, it is designed for rapid prototyping and development, and is intended to make exploit writing as simple as possible.
There are bits of code everyone has written a million times, and everyone has their own way of doing it. Pwntools aims to provide all of these in a semi-standard way, so that you can stop copy-pasting the same struct.unpack('>I', x) code around and instead use slightly more legible wrappers like pack or p32, or even p64(..., endian='big', sign=True).
Aside from convenience wrappers around mundane functionality, it also provides a very rich set of tubes which wrap all of the I/O that you'll ever perform in a single, unifying interface. Switching from a local exploit to a remote exploit, or to a local exploit over SSH, becomes a one-line change.
Last but not least, it also includes a wide array of exploitation assistance tools for intermediate-to-advanced use cases. These include remote symbol resolution given a memory disclosure primitive (MemLeak and DynELF), ELF parsing and patching (ELF), and ROP gadget discovery and call-chain building (ROP).
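To make the packing wrappers above concrete, here is an added example (not pwntools' own implementation) that reproduces the semantics of pack/unpack and the p32/p64-style shorthands on top of int.to_bytes: word size, endianness and signedness are explicit parameters, and out-of-range values are rejected instead of silently truncated. The function names mirror the ones the text mentions; the range checks and error messages are this example's own choices.

```python
import struct

# Added illustration of pack/p32/p64-style wrappers. This is NOT pwntools' code;
# it reimplements the same idea (word size, endian, sign as parameters) so it
# runs offline and can be compared against plain struct calls.


def pack(value, word_size=32, endian="little", sign=False):
    """Pack an integer into a word_size-bit little/big-endian byte string.

    sign=False requires 0 <= value < 2**word_size.
    sign=True accepts negative values and encodes them in two's complement.
    """
    if word_size <= 0 or word_size % 8:
        raise ValueError("word_size must be a positive multiple of 8")
    if endian not in ("little", "big"):
        raise ValueError("endian must be 'little' or 'big'")
    nbytes = word_size // 8
    if sign:
        lo, hi = -(1 << (word_size - 1)), (1 << (word_size - 1)) - 1
    else:
        lo, hi = 0, (1 << word_size) - 1
    if not lo <= value <= hi:
        kind = "signed" if sign else "unsigned"
        raise ValueError(f"{value} does not fit in a {word_size}-bit {kind} word")
    return value.to_bytes(nbytes, endian, signed=sign)


def unpack(data, word_size=32, endian="little", sign=False):
    """Inverse of pack(): exactly word_size/8 bytes -> int."""
    nbytes = word_size // 8
    if len(data) != nbytes:
        raise ValueError(f"expected {nbytes} bytes, got {len(data)}")
    return int.from_bytes(data, endian, signed=sign)


# Shorthands in the style of the wrappers the text names.
def p32(value, **kw):
    return pack(value, 32, **kw)


def p64(value, **kw):
    return pack(value, 64, **kw)


def u32(data, **kw):
    return unpack(data, 32, **kw)


def u64(data, **kw):
    return unpack(data, 64, **kw)


def same_as_struct():
    """Show that the wrapper produces the bytes struct.pack would, but reads better."""
    checks = [
        p32(0xDEADBEEF) == struct.pack("<I", 0xDEADBEEF),
        p64(0x401000, endian="big") == struct.pack(">Q", 0x401000),
        p64(-1, sign=True) == struct.pack("<q", -1),
        u32(struct.pack("<i", -2), sign=True) == -2,
    ]
    return all(checks)


if __name__ == "__main__":
    print(p32(0xDEADBEEF).hex(), p64(-1, sign=True).hex(), same_as_struct())
```

The round trip unpack(pack(x)) == x holds for every value inside the range the sign flag allows; asking for p32(-1) without sign=True raises rather than quietly producing 0xffffffff, which is the kind of silent mistake the wrappers are meant to prevent.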
Changelog v4.10
In memoriam — Zach Riggle — long time contributor and maintainer of Pwntools.
- #2185 make fmtstr module able to create payload without $ notation
- #2062 make pwn cyclic -l work with entry larger than 4 bytes
- #2092 shellcraft: dup() is now called dupio() consistently across all supported arches
- #2093 setresuid() in shellcraft uses current euid by default
- #2103 Add search for libc binary by leaked function addresses: libcdb.search_by_symbol_offsets()
- #2125 Allow tube.recvregex to return capture groups
- #2144 Removes "p2align 2" asm() headers from x86-32, x86-64 and mips architectures to avoid inconsistent instruction length when patching binaries
- #2177 Support for RISC-V 64-bit architecture
- #2186 Enhance ELF.nx and ELF.execstack
- #2129 Handle context.newline correctly when typing in tube.interactive()
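The recvregex change (#2125) is easiest to see with a tube you can drive offline. The following is an added example, not pwntools code: BufferTube is a hypothetical in-memory stand-in for a tube that serves a constructed byte buffer through recv()/recvuntil()/recvregex(). Its recvregex takes a capture flag; with capture=False it returns the consumed bytes as before, and with capture=True it returns the re.Match object so the caller can read groups directly. The sample service output and the address in it are constructed for the example.

```python
import re

# Added example. BufferTube is a hypothetical, in-memory stand-in for a pwntools
# tube, written here only so the capture-group behaviour can be exercised offline.
# It is not pwntools' implementation.


class BufferTube:
    def __init__(self, data: bytes, newline: bytes = b"\n"):
        self._data = data
        self.newline = newline  # stands in for context.newline

    def recv(self, n: int = 4096) -> bytes:
        chunk, self._data = self._data[:n], self._data[n:]
        return chunk

    def unrecv(self, data: bytes) -> None:
        """Push bytes back to the front of the buffer."""
        self._data = data + self._data

    def recvuntil(self, delim: bytes) -> bytes:
        idx = self._data.find(delim)
        if idx < 0:
            raise EOFError("delimiter not found before end of buffer")
        end = idx + len(delim)
        out, self._data = self._data[:end], self._data[end:]
        return out

    def recvline(self) -> bytes:
        return self.recvuntil(self.newline)

    def recvregex(self, pattern, capture: bool = False):
        """Consume up to and including the first match of pattern.

        capture=False: return the consumed bytes (the pre-#2125 behaviour).
        capture=True:  return the re.Match object so groups are available.
        """
        if isinstance(pattern, str):
            pattern = pattern.encode()
        if isinstance(pattern, bytes):
            pattern = re.compile(pattern)
        m = pattern.search(self._data)
        if m is None:
            raise EOFError("pattern not found before end of buffer")
        consumed = self._data[: m.end()]
        self._data = self._data[m.end():]
        return m if capture else consumed


# Constructed sample output from a hypothetical service; the address is made up.
SAMPLE_OUTPUT = (
    b"Welcome to the service\n"
    b"Leaked address: 0x7ffff7dd1b00\n"
    b"Enter name: "
)

LEAK_RE = rb"Leaked address: (0x[0-9a-f]+)"


def leak_address(tube: BufferTube) -> int:
    """Read the leaked value with a single recvregex call using a capture group."""
    m = tube.recvregex(LEAK_RE, capture=True)
    return int(m.group(1), 16)


def leak_address_old_style(tube: BufferTube) -> int:
    """Same result without capture=True: re-run the regex over the returned bytes."""
    consumed = tube.recvregex(LEAK_RE)
    return int(re.search(LEAK_RE, consumed).group(1), 16)


if __name__ == "__main__":
    t = BufferTube(SAMPLE_OUTPUT)
    print(hex(leak_address(t)), t.recv())
```

The point of capture=True is that the caller no longer has to apply the same regex twice (once inside the tube to find the match, once outside to extract the group); the two leak_address variants above return the same value, and in both cases the tube is left positioned just after the match, so the "Enter name: " prompt is still available to recvuntil().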
Install & Use
Copyright (c) 2015 Gallopsled et al.