Cyber Training Guide

Using Pwntools

This section covers many of the useful features of the Pwntools library. All of this information comes straight from the Pwntools documentation.

All of our exploits will be written in Python3, so we will be using the Python3 version of Pwntools.

Installation

Pwntools can be installed on Linux systems using:

pip3 install pwntools

Usage

Pwntools can be imported into a Python3 script using:

from pwn import *

This imports every function from Pwntools into the current namespace. The sections below list many of the useful ones, grouped by category.

Context

  • context.binary

  • context.log_level

  • context.arch

  • context.os

Connection

  • remote()

  • process()

  • listen()

  • ssh()

Assembly

  • asm()

  • disasm()

  • shellcraft

ELF

  • ELF()

  • ROP()

  • DynELF()

Packing/Unpacking

  • pack()

  • unpack()

  • p32() / p64()

  • u32() / u64()

GDB

  • gdb.attach()

  • gdb.debug()

Misc

  • hexdump()

  • read() and write()

  • enhex() and unhex()

  • align() and align_down()

  • urlencode() and urldecode()

Other Modules

The following are automatically imported:

  • import os

  • import sys

  • import time

  • import random

  • import requests

  • import re


Last updated 1 year ago
