Pwntools 是一款 CTF 競賽（資安搶旗攻防賽）框架，以及漏洞開發的函式庫，以 Python 設計而成（Python 2.7）。

Pwntools 網址：http://pwntools.com/

pwntools is a CTF framework and exploit development library. Written in Python, it is designed for rapid prototyping and development, and intended to make exploit writing as simple as possible.

from pwn import * context(arch = 'i386', os = 'linux') r = remote('exploitme.example.com', 31337) # EXPLOIT CODE GOES HERE r.send(asm(shellcraft.sh())) r.interactive()

1 2 3 4 5 6 7

from pwn import * context(arch = 'i386', os = 'linux')   r = remote('exploitme.example.com', 31337) # EXPLOIT CODE GOES HERE r.send(asm(shellcraft.sh())) r.interactive()

 

Try It Now!

You can now do a live demo of Pwntools, right in your browser. Alternately, you can SSH to the same host, and log in as user zerocool with this private key (passwordi_promise_not_to_be_evil).

It will drop you into a clean, Docker-ized container. There is nothing of value on the VPS, so please don’t be evil.

Documentation

Our documentation is available at docs.pwntools.com

To get you started, we’ve provided some example solutions for past CTF challenges in our write-ups repository.

Installation

pwntools is best supported on 64-bit Ubuntu 12.04 and 14.04, but most functionality should work on any Posix-like distribution (Debian, Arch, FreeBSD, OSX, etc.). Python 2.7 is required.

Most of the functionality of pwntools is self-contained and Python-only. You should be able to get running quickly with

apt-get update apt-get install python2.7 python-pip python-dev git libssl-dev pip install --upgrade pwntools

1 2 3

apt-get update apt-get install python2.7 python-pip python-dev git libssl-dev pip install --upgrade pwntools

If you’d like to be an early tester of the the current beta release, add --pre to the command-line.

However, some of the features (assembling/disassembling foreign architectures) require non-Python dependencies. For more information, see thecomplete installation instructions here.