Questions tagged [pwntools]

pwntools is a CTF framework and exploit development library.

77 questions
1
vote
2 answers

Why is there a difference between printing escaped hex characters inline in the terminal and in a program running in the terminal?

I was trying to send a string to another application running on a server (which I do not have access to). The string includes null characters. Now I noticed that when I run the following code in a script, print('abc\x00\x91\x11\x01123') the output…
MMikkk
  • 45
  • 7
1
vote
1 answer

Unable to inject valid instruction pointer during exploit

I am trying to exploit a given program and I can't figure out what I am doing wrong. Long story short I manage to inject code to overwrite the RIP. This means that I should be able to redirect the code execution, but the problem is, I get SIGSEGV. Do I…
A39-A20
  • 35
  • 2
  • 9
0
votes
1 answer

pwndbg crashed while hook debugging, after sending the payload

OS: Arch Linux x86_64 This is my source code: // gcc source.c -o vuln -no-pie -fno-stack-protector -z execstack -m32 #include void unsafe() { char buffer[40]; puts("Overflow me"); gets(buffer); } void main() { …
CuB3y0nd
  • 1
  • 1
0
votes
1 answer

Only "cat" command doesn't print any output after getting shell by pwntools

I was making a simple CTF(Capture The Flag) problem with docker. The current case is simple(It's not a real problem, it's just a test.); enter a specified string and get a shell(/bin/bash) if correct. The original C source code is here. If the…
KnightChaser
  • 143
  • 1
  • 9
0
votes
0 answers

The problem is based on linux/x64 asm wget+chmod+exec

The problem is based on linux/x64 asm wget+chmod+exec. I have some questions to ask. I am using pwntools for a buffer overflow attack. I want to stuff the shellcode in the stack for it to run. I tested using execve("/bin/sh') and I can get the shell…
0
votes
0 answers

importing pwntools in google colab

I was importing pwntools in google colab but this error stops pwntools from importing: UnsupportedOperation Traceback (most recent call last) in () ----> 1 from pwn import * 2…
0
votes
0 answers

error reading solve script template: error reading "/home/mike/.config/pwninit-template.py"

While I was trying to run pwninit I was getting the following error error: failed making template solve script: error reading solve script template: error reading "/home/mike/.config/pwninit-template.py": No such file or directory (os error…
Mike
  • 9
  • 3
0
votes
0 answers

ROP on scanf(%[NUM] s)

I'm trying to do a ROP attack using a buffer overflow: int main(void) { char str[112]; puts("What is your name? "); scanf("%129s",str); printf("Goodbye %s!\n",str); return 0; } I'm trying to buffer overflow the RIP and my offset is…
Tal Roz
  • 1
  • 1
0
votes
0 answers

Python3 pwntools ssh connection - ValueError

I am trying to initiate an SSH connection from my local machine to a host via pwntools and I keep getting a ValueError raised, even though when I ssh the same host from the terminal I get no errors. My code is as follows: from pwn import…
George Sp
  • 553
  • 5
  • 20
0
votes
0 answers

How do I enable GDB/GEF to allow me to see how stack changes as I insert discrete input?

I am trying to identify the offset in which a buffer overflow occurs via pwntools and gdb. Here is the C code (x64): int input[8]; int count, num; count = 0; while(1) { printf("Enter:\n"); scanf("%d", &num); if (num ==…
tbb
  • 15
  • 4
0
votes
0 answers

python pwntools asm/disasm conversion

I'm experimenting with the pwntools CTF framework. Why does the following disasm give different output? Here I am just converting 'nop' and getting the byte string. >>> asm('nop') b'\x90' >>> disasm(b'\x90') ' 0: 90 nop' x090 is the opcode…
Tharanga Abeyseela
  • 3,255
  • 4
  • 33
  • 45
0
votes
0 answers

neovim: pwntools process automatically stops when trying to invoke interactive shell

I'm using python pwntools. I'm using python 3.10.x This line of code should open a shell for me: io.interactive() But while running this file from vim using !./% it doesn't open the shell doesn't invoke as it was supposed to be. The process stops…
0
votes
0 answers

I want to get the values output from a process that has been executed once

from pwn import * import subprocess import sys def disas(a): context.terminal = ['gnome-terminal', '-x', 'sh', '-c'] p = gdb.debug(a,gdbscript='disas main') print(p) print("[*] Please same directory ELF & StackVisual file") a =…
0
votes
0 answers

workaround for this module?

I'm trying to install pwntools on OSX but there's a little bump in the installation process, for some reason, there is this module called "unicorn" that uses a setup.py which is deprecated, is there a workaround for this? error:…
0
votes
2 answers

can't debug properly

In the last few days I tried to solve "unlink" challenge in pwnable.kr and I'm struggling to attach a debugger remotely and locally on the server using pwntools (code added below). #!/usr/bin/env python3 # -*- coding: utf-8 -*- from pwn import…
talsim
  • 42
  • 4