pwntools cheatsheet

Program Interaction

start a process

p = process("binary")

to attach gdb (note: compatable terminal required, I prefer using tmux)

p = gdb.debug("binary")
p = gdb.debug("binary",alsr=False)

To interact with a remote process

p = remote(ip,port)

Writing and reading data

p.send(b"hello") -> sends "hello"
p.sendline(b"hello") -> sends "hello\n"

p.recv(100) -> read upto 100 bytes
p.recvline() -> read till a newline(\n) is encountered
p.recvall() -> readall
p.clean(1) -> readall with timeout

p.sendafter(b"some string",payload) -> sends payload after the string is encountered 
p.sendlineafter(b"some string",payload) -> same as sendafter but with newline at end


p.interactive() -> interact manually

Setting context

important when writing assembly and doing ROP

Understanding things better than their creators to find the hidden menu options they didn’t know they put there.

Pre-requisites

pwntools cheatsheet

Basic exploits

There’s more

Pwntools

pwntools cheatsheet

Program Interaction

Writing and reading data

Setting context