When exploiting these challenges, I highly recommend using gdb to save you some time.

In pwntools

Debugging will only work with a terminal multiplexer like tmux (covered in the Linux module).

The difference between these two ways of starting the debugger is important:

Start a process with the debugger (this will drop privileges):

from pwn import *
p = gdb.debug("process")

Start the process and then attach a debugger (this will not work if it's a setuid binary):

from pwn import *
p = process("process")
gdb.attach(p)

Debugging shellcode

If your shellcode doesn’t work for some reason, add an int3 instruction to the beginning of your shellcode (\xcc). When run with a debugger it will automatically break at that point.

This allows you to step through the instructions using ni and see what went wrong.

Stack addresses will shift between practice mode and challenge mode due to environment variables.
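The script below is an added example, not code from the original page. It combines the two launch modes, the tmux requirement, the int3 prefix and a fixed environment in one launcher. The names `./challenge`, `MODE` and `FIXED_ENV`, and the assumption that the challenge reads shellcode from stdin, are hypothetical.

```python
import os

INT3 = b"\xcc"  # x86 breakpoint instruction

# Assumed fixed environment, passed in every mode so the environment
# size is not a variable between a normal run and a debug run.
FIXED_ENV = {"PATH": "/usr/bin:/bin"}


def with_breakpoint(shellcode: bytes, debugging: bool) -> bytes:
    """Prefix int3 only for debug runs: without a debugger attached,
    int3 raises SIGTRAP and the process dies."""
    return INT3 + shellcode if debugging else shellcode


def start(path: str, mode: str = "run", gdbscript: str = "continue\n"):
    """mode: 'run' (no debugger), 'debug' (gdb.debug), 'attach' (gdb.attach)."""
    if mode not in ("run", "debug", "attach"):
        raise ValueError(f"unknown mode: {mode!r}")
    if mode != "run" and "TMUX" not in os.environ:
        raise RuntimeError("start tmux first: gdb needs a pane to open in")
    # Imported here so the checks above work without pwntools installed.
    from pwn import context, gdb, process

    context.terminal = ["tmux", "splitw", "-h"]
    if mode == "debug":
        # Process is started under gdb; privileges are dropped.
        return gdb.debug([path], gdbscript=gdbscript, env=FIXED_ENV)
    p = process([path], env=FIXED_ENV)
    if mode == "attach":
        # Process starts normally, gdb joins afterwards (not for setuid).
        gdb.attach(p, gdbscript=gdbscript)
    return p


if __name__ == "__main__":
    mode = os.environ.get("MODE", "run")  # hypothetical switch
    # Constructed placeholder bytes (two NOPs), not a working payload.
    payload = with_breakpoint(b"\x90\x90", mode != "run")
    io = start("./challenge", mode)  # hypothetical binary path
    io.send(payload)  # assumes the challenge reads shellcode from stdin
    io.interactive()
```

With the default `continue` gdbscript, gdb resumes the process and stops at the int3, from where `ni` steps through the shellcode.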