Pwntools 是一款 CTF 競賽(資安搶旗攻防賽)框架,以及漏洞開發的函式庫,以 Python 設計而成(Python 2.7)。
Pwntools 網址:http://pwntools.com/
pwntools is a CTF framework and exploit development library. Written in Python, it is designed for rapid prototyping and development, and intended to make exploit writing as simple as possible.
1234567 from pwn import *context(arch = 'i386', os = 'linux')r = remote('exploitme.example.com', 31337)# EXPLOIT CODE GOES HEREr.send(asm(shellcraft.sh()))r.interactive()
Try It Now!
You can now do a live demo of Pwntools, right in your browser. Alternately, you can SSH to the same host, and log in as user
zerocool
with this private key (passwordi_promise_not_to_be_evil
).It will drop you into a clean, Docker-ized container. There is nothing of value on the VPS, so please don’t be evil.
Documentation
Our documentation is available at docs.pwntools.com
To get you started, we’ve provided some example solutions for past CTF challenges in our write-ups repository.
Installation
pwntools is best supported on 64-bit Ubuntu 12.04 and 14.04, but most functionality should work on any Posix-like distribution (Debian, Arch, FreeBSD, OSX, etc.). Python 2.7 is required.
Most of the functionality of pwntools is self-contained and Python-only. You should be able to get running quickly with
123 apt-get updateapt-get install python2.7 python-pip python-dev git libssl-devpip install --upgrade pwntoolsIf you’d like to be an early tester of the the current beta release, add
--pre
to the command-line.However, some of the features (assembling/disassembling foreign architectures) require non-Python dependencies. For more information, see thecomplete installation instructions here.