Pwntools is a CTF framework and exploit development library. Written in Python, it is designed for rapid prototyping and development, and intended to make exploit writing as simple as possible.
from pwn import *
context(arch = 'i386', os = 'linux')
r = remote('exploitme.example.com', 31337)
# EXPLOIT CODE GOES HERE
r.send(asm(shellcraft.sh()))
r.interactive()Our documentation is available at docs.pwntools.com
To get you started, we've provided some example solutions for past CTF challenges in our write-ups repository.
Pwntools is best supported on 64-bit Ubuntu LTE releases (14.04, 16.04, 18.04, and 20.04). Most functionality should work on any Posix-like distribution (Debian, Arch, FreeBSD, OSX, etc.). Python >= 2.7 is required (Python 3 suggested as best).
Most of the functionality of pwntools is self-contained and Python-only. You should be able to get running quickly with
apt-get update
apt-get install python3 python3-pip python3-dev git libssl-dev libffi-dev build-essential
python3 -m pip install --upgrade pip
python3 -m pip install --upgrade pwntoolsHowever, some of the features (assembling/disassembling foreign architectures) require non-Python dependencies. For more information, see the complete installation instructions here.
See CONTRIBUTING.md
If you have any questions not worthy of a bug report, feel free to ping us
at #pwntools on Freenode and ask away.
Click here to connect.
There is also a mailing list for higher latency discussion.