Skip to content

Gallopsled/pwntools-tutorial

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
4 branches 0 tags
Code

Latest commit

@heapcrash
heapcrash Whoops
0ecc618 Mar 19, 2021
Whoops
0ecc618

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
walkthrough
Update README.md
November 14, 2019 04:02
.gitignore
Ignore gdbhistory files
June 11, 2015 05:13
LICENSE
Convert Binjitsu->Pwntools references
August 21, 2017 13:28
README.md
Add Bytes section
March 19, 2021 06:26
assembly.md
Convert Binjitsu->Pwntools references
August 21, 2017 13:28
bytes.md
Whoops
March 19, 2021 06:28
context.md
Convert Binjitsu->Pwntools references
August 21, 2017 13:28
debugging.md
Outline for content
June 19, 2020 22:16
elf.md
Add section about running and debugging ELF files
June 19, 2020 22:18
installing.md
Update installation instructions from Ubuntu 12 to Ubuntu 18
February 24, 2021 05:50
logging.md
Add logging tutorial
June 19, 2020 22:16
rop.md
[rop] First pass at ROP docs
July 10, 2020 02:09
tubes.md
Convert Binjitsu->Pwntools references
August 21, 2017 13:28
utility.md
Correct title
October 9, 2018 15:07
Pwntools Tutorials Introduction Table of Contents

README.md

Pwntools Tutorials

This repository contains some basic tutorials for getting started with pwntools (and pwntools).

These tutorials do not make any effort to explain reverse engineering or exploitation primitives, but assume this knowledge.

Introduction

Pwntools is a grab-bag of tools to make exploitation during CTFs as painless as possible, and to make exploits as easy to read as possible.

There are bits of code everyone has written a million times, and everyone has their own way of doing it. Pwntools aims to provide all of these in a semi-standard way, so that you can stop copy-pasting the same struct.unpack('>I', x) code around and instead use more slightly more legible wrappers like pack or p32 or even p64(..., endian='big', sign=True).

Aside from convenience wrappers around mundane functionality, it also provides a very rich set of tubes which wrap all of the IO that you'll ever perform in a single, unifying interface. Switching from a local exploit to a remote exploit, or local exploit over SSH becomes a one-line change.

Last but not least, it also includes a wide array of exploitation assistance tools for intermediate-to-advanced use cases. These include remote symbol resolution given a memory disclosure primitive (MemLeak and DynELF), ELF parsing and patching (ELF), and ROP gadget discovery and call-chain building (ROP).

Table of Contents

  • Installing Pwntools
  • Tubes
    • Basic Tubes
    • Interactive Shells
    • Processes
    • Networking
    • Secure Shell
    • Serial Ports
  • Utility
    • Encoding and Hashing
    • Packing / unpacking integers
    • Pattern generation
    • Safe evaluation
  • Bytes vs. Strings
    • Python2
    • Python3
      • Gotchas
  • Context
    • Architecture
    • Endianness
    • Log verbosity
    • Timeout
  • ELFs
    • Reading and writing
    • Patching
    • Symbols
  • Assembly
    • Assembling shellcode
    • Disassembling bytes
    • Shellcraft library
    • Constants
  • Debugging
    • Debugging local processes
    • Breaking at the entry point
    • Debugging shellcode
  • ROP
    • Dumping gadgets
    • Searching for gadgets
    • ROP stack generation
    • Helper functions
  • Logging
    • Basic logging
    • Log verbosity
    • Progress spinners
  • Leaking Remote Memory
    • Declaring a leak function
    • Leaking arbitrary memory
    • Remote symbol resolution

About

Tutorials for getting started with Pwntools

pwntools.com

Resources

Readme

License

MIT license
Activity

Stars

1.1k stars

Watchers

32 watching

Forks

245 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 5

Languages