/pwntools

CTF framework used by Gallopsled in every CTF

Primary LanguagePythonOtherNOASSERTION

pwntools - CTF toolkit

Docs latest Docs 2.2.0 PyPI Gittip Travis Twitter

This is the CTF framework used by Gallopsled in every CTF.

from pwn import *
context(arch = 'i386', os = 'linux')

r = remote('exploitme.example.com', 31337)
# EXPLOIT CODE GOES HERE
r.send(asm(shellcraft.sh()))
r.interactive()

However we have made command-line frontends for some of the functionality in pwnlib. These are:

  • asm/disasm: Small wrapper for various assemblers.
  • constgrep: Tool for finding constants defined in header files.
  • cyclic: De Bruijn sequence generator and lookup tool.
  • hex/unhex: Command line tools for doing common hexing/unhexing operations.
  • shellcraft: Frontend to our shellcode.
  • phd: Replacement for hexdump with colors.

Documentation

Our documentation is available at pwntools.readthedocs.org

To get you started, we've provided some example solutions for past CTF challenges in our write-ups repository.

Installation

pwntools is best supported on Ubuntu 12.04 and 14.04, but most functionality should work on any Posix-like distribution (Debian, Arch, FreeBSD, OSX, etc.).

Most of the functionality of pwntools is self-contained and Python-only. You should be able to get running quickly with

pip install pwntools

However, some of the features (ROP generation and assembling/disassembling foreign architectures) require non-Python dependencies. For more information, see the complete installation instructions here.

Contribution

See CONTRIBUTING.md

Contact

If you have any questions not worthy of a bug report, feel free to join us at #gallopsled on Freenode and ask away. Click here to connect.