Recent Releases of pwntools

pwntools - Release 4.15.0beta1

What's Changed

  • Poll before reading /proc/maps in process.libs() to avoid race condition by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2516
  • Fix installation on Python 3.5 and lower on stable by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2533
  • fix: update apport coredump path handling for CorefileFinder by @Meetesh-Saini in https://github.com/Gallopsled/pwntools/pull/2518
  • Fix parsing corefile with missing auxv by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2559
  • Exclude broken Unicorn version by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2565
  • Show ELF symbols defined to value 0 by @ThijsRay in https://github.com/Gallopsled/pwntools/pull/2451
  • Fix syntax highlighting of multiline comments in ASM by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2562
  • Fixed bound on memcpy loop in thumb, arm, aarch64 by @themaks in https://github.com/Gallopsled/pwntools/pull/2552
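The first entry above (polling before reading /proc/maps in process.libs()) describes a race that is easy to hit and hard to see: immediately after fork()/execve() the child's /proc/<pid>/maps may list only the main binary and the dynamic loader, so a single read misses libc and every other DT_NEEDED library. The block below is an added illustration, not pwntools' own code: parse_maps() builds the same {path: lowest base address} shape that process.libs() returns, wait_for_libs() polls until the expected libraries show up, and the two maps snapshots plus the helper names are constructed here for the example.

```python
"""Added example (not pwntools code): what process.libs() reads from
/proc/<pid>/maps and why it has to poll right after exec.

parse_maps(), wait_for_libs(), simulated_reader() and the sample maps text
are constructed for this illustration; addresses are made up.
"""
import re
import time

# One line of /proc/<pid>/maps: range, perms, offset, dev, inode, optional path.
_MAPS_RE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+(\S{4})\s+([0-9a-f]+)\s+(\S+)\s+(\d+)\s*(.*)$"
)


def parse_maps(text):
    """Return {path: lowest base address} for every file-backed mapping.

    Same shape as the result of pwntools' process.libs(): one entry per mapped
    file, keyed by path, valued by its lowest mapped address. Anonymous
    mappings and pseudo-paths such as [stack] or [vvar] are skipped.
    """
    libs = {}
    for line in text.splitlines():
        m = _MAPS_RE.match(line.strip())
        if not m:
            continue
        start, path = int(m.group(1), 16), m.group(7)
        if not path.startswith("/"):
            continue
        libs[path] = min(libs.get(path, start), start)
    return libs


def wait_for_libs(read_maps, required, tries=50, delay=0.01):
    """Poll read_maps() until every suffix in `required` matches a mapped path.

    Right after fork()/execve() only the binary and ld.so may be mapped; libc
    and the other DT_NEEDED libraries appear a few milliseconds later. Taking
    the first snapshot as final is the race the fix above avoids. If the
    libraries never appear, the last (partial) snapshot is returned.
    """
    last = {}
    for _ in range(tries):
        last = parse_maps(read_maps())
        if all(any(p.endswith(r) for p in last) for r in required):
            return last
        time.sleep(delay)
    return last


# Constructed snapshots: the early one lacks libc, the late one has it.
EARLY_MAPS = """\
555555554000-555555555000 r--p 00000000 08:01 1234 /tmp/target
555555555000-555555556000 r-xp 00001000 08:01 1234 /tmp/target
7ffff7fc3000-7ffff7fc5000 r--p 00000000 08:01 5678 /lib64/ld-linux-x86-64.so.2
7ffff7fc5000-7ffff7fef000 r-xp 00002000 08:01 5678 /lib64/ld-linux-x86-64.so.2
7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0 [stack]
"""

LATE_MAPS = EARLY_MAPS + """\
7ffff7d80000-7ffff7da8000 r--p 00000000 08:01 9999 /lib/x86_64-linux-gnu/libc.so.6
7ffff7da8000-7ffff7f3d000 r-xp 00028000 08:01 9999 /lib/x86_64-linux-gnu/libc.so.6
7ffff7fbd000-7ffff7fc1000 r--p 00000000 00:00 0 [vvar]
"""


def simulated_reader(snapshots):
    """Return a read_maps() callable that yields the snapshots in order,
    then keeps returning the last one (a stand-in for re-reading /proc)."""
    it = iter(snapshots)
    current = [next(it)]

    def read_maps():
        snap = current[0]
        current[0] = next(it, snap)
        return snap

    return read_maps


def demo():
    """Contrast a single read (naive) with polling until libc is mapped."""
    snapshots = [EARLY_MAPS, EARLY_MAPS, LATE_MAPS]
    naive = parse_maps(snapshots[0])
    polled = wait_for_libs(simulated_reader(snapshots), required=["libc.so.6"])
    return naive, polled


if __name__ == "__main__":
    naive, polled = demo()
    print("single read  :", sorted(naive))
    print("after polling:", sorted(polled))
```

On a real target the read_maps callable would be `lambda: open(f"/proc/{pid}/maps").read()`; the point of the polling loop is that the set of file-backed mappings is only stable once the loader has finished, so the caller should wait for the libraries it actually needs (libc here) rather than trust the first snapshot.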

New Contributors

  • @Meetesh-Saini made their first contribution in https://github.com/Gallopsled/pwntools/pull/2518
  • @ThijsRay made their first contribution in https://github.com/Gallopsled/pwntools/pull/2451
  • @themaks made their first contribution in https://github.com/Gallopsled/pwntools/pull/2552

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.15.0beta0...4.15.0beta1

- Python
Published by Arusekk 11 months ago

pwntools - Release 4.14.1

What's Changed

  • Poll before reading /proc/maps in process.libs() to avoid race condition by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2516
  • Fix installation on Python 3.5 and lower on stable by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2533
  • fix: update apport coredump path handling for CorefileFinder by @Meetesh-Saini in https://github.com/Gallopsled/pwntools/pull/2518
  • Fix parsing corefile with missing auxv by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2559
  • Exclude broken Unicorn version by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2565
  • Show ELF symbols defined to value 0 by @ThijsRay in https://github.com/Gallopsled/pwntools/pull/2451
  • Fix syntax highlighting of multiline comments in ASM by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2562
  • Fixed bound on memcpy loop in thumb, arm, aarch64 by @themaks in https://github.com/Gallopsled/pwntools/pull/2552

New Contributors

  • @Meetesh-Saini made their first contribution in https://github.com/Gallopsled/pwntools/pull/2518
  • @ThijsRay made their first contribution in https://github.com/Gallopsled/pwntools/pull/2451
  • @themaks made their first contribution in https://github.com/Gallopsled/pwntools/pull/2552

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.14.0...4.14.1

- Python
Published by Arusekk 11 months ago

pwntools - Release 4.15.0beta0

What's Changed

  • Deprecate 'keepends' argument in favor of 'drop' by @MrQubo in https://github.com/Gallopsled/pwntools/pull/2476
  • Deprecate direct commandline scripts invocation and exclude nonsense ones by @tkmikan in https://github.com/Gallopsled/pwntools/pull/2364
  • Cache output of asm() by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2358
  • Add tube.upload_manually to upload files in chunks by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2410
  • libcdb-cli: add --offline-only, refactor unstrip and add fetch parser for download libc-database by @the-soloist in https://github.com/Gallopsled/pwntools/pull/2478
  • libcdb: improve the search speed of search_by_symbol_offsets by @the-soloist in https://github.com/Gallopsled/pwntools/pull/2413
  • Allow to disable caching by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2484
  • darwin: Bump syscalls from sdk 15.1 by @patryk4815 in https://github.com/Gallopsled/pwntools/pull/2448
  • Nicely handle non ELF files in checksec commandline tool by @tesuji in https://github.com/Gallopsled/pwntools/pull/2457
  • Add ELF.close() to release resources by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2444
  • Properly close spawned kitty window by @k4lizen in https://github.com/Gallopsled/pwntools/pull/2471
  • Redirect kitty kill command stderr to /dev/null by @k4lizen in https://github.com/Gallopsled/pwntools/pull/2472
  • Extract libraries from Docker image in pwn template by @lcian in https://github.com/Gallopsled/pwntools/pull/2479
  • Fix waiting for gdb under WSL2 by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2470
  • Stop using cmd.exe to keep current directory in WSL2 by @robbert1978 in https://github.com/Gallopsled/pwntools/pull/2488
  • Only print checksec output of ELF.libc when it was printed for the ELF already by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2483
  • Throw error when using sni and setting server_hostname manually in remote by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2482
  • Fix attaching to a gdbserver with tuple gdb.attach(('0.0.0.0',12345)) by @ckxckx in https://github.com/Gallopsled/pwntools/pull/2291
  • Fix loading ELF files without valid .dynamic section by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2502
  • ssh tube: replaced nonexistent key with str(e) in error handling method to get proper error message displayed in stacktrace by @findus in https://github.com/Gallopsled/pwntools/pull/2512
  • Ignore a warning with unused args in asm on NIX by @sbancuz in https://github.com/Gallopsled/pwntools/pull/2508
  • Update documentation for format strings by @Legoclones in https://github.com/Gallopsled/pwntools/pull/2501
  • Update sphinx for Python 3.13 support by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2503
  • Cache HTTP requests to external libcdb services in CI by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2487
  • CI: Install pwntools on Windows and import it once by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2450
  • Fix collecting coverage in CI by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2477

New Contributors

  • @tesuji made their first contribution in https://github.com/Gallopsled/pwntools/pull/2457
  • @lcian made their first contribution in https://github.com/Gallopsled/pwntools/pull/2479
  • @robbert1978 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2488
  • @ckxckx made their first contribution in https://github.com/Gallopsled/pwntools/pull/2291
  • @Legoclones made their first contribution in https://github.com/Gallopsled/pwntools/pull/2501
  • @findus made their first contribution in https://github.com/Gallopsled/pwntools/pull/2512
  • @sbancuz made their first contribution in https://github.com/Gallopsled/pwntools/pull/2508

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.14.0beta1...4.15.0beta0

- Python
Published by peace-maker about 1 year ago

pwntools - Release 4.14.0

What's Changed

  • Return buffered data on first EOF in tube.readline() by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2376
  • Add basic RISCV64 shellcraft support by @peace-maker and @LevitatingLion in https://github.com/Gallopsled/pwntools/pull/2322
  • feat: Concatenate multiple shellcraft templates on commandline using shellcraft A + B by @cocoa-xu in https://github.com/Gallopsled/pwntools/pull/2398
  • Add local libc database provider for libcdb by @the-soloist in https://github.com/Gallopsled/pwntools/pull/2356
  • libcdb: Add offline parameter for search_by_hash series function by @the-soloist in https://github.com/Gallopsled/pwntools/pull/2360
  • libcdb: add offline_only to search_by_symbol_offsets by @the-soloist in https://github.com/Gallopsled/pwntools/pull/2388
  • libcdb.unstrip_libc: debug symbols are fetched only if not present already by @sswastik02 in https://github.com/Gallopsled/pwntools/pull/2374
  • Add basic support to debug processes on Windows by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2327
  • Support asm/disasm on Windows by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2437
  • Change newline when setting context.os to "windows" by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2330
  • Add TTY escape function for file transfer by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2422
  • Shellcode socket IPV6 by @Dvorhack in https://github.com/Gallopsled/pwntools/pull/2415
  • Add "none" ssh authentication method by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2405
  • Add port, gdb_args, and gdbserver_args to gdb.debug() by @gfelber in https://github.com/Gallopsled/pwntools/pull/2382
  • gdb.debug: avoid 2s timeout if possible by @mephi42 in https://github.com/Gallopsled/pwntools/pull/2435
  • Add functions for retrieving process mappings by @k4lizen in https://github.com/Gallopsled/pwntools/pull/2371
  • fix fromsocket to deal with ipv6 socket by @leommxj in https://github.com/Gallopsled/pwntools/pull/2497
  • Fix passing bytes to context.log_file and crc.BitPolynom by @marinelay in https://github.com/Gallopsled/pwntools/pull/2389
  • Change from pop to keys for reporting proper error message by @marinelay in https://github.com/Gallopsled/pwntools/pull/2391
  • Fix duplicate definition of ssh.sftp by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2394
  • Fix access of undefined ssh._tried_sftp in raw mode by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2396
  • Convert bytes-like object to string in apport_corefile() method by @sanjitkumar2016 in https://github.com/Gallopsled/pwntools/pull/2387
  • Add resolution_addr parameter to Ret2dlresolvePayload by @k4lizen in https://github.com/Gallopsled/pwntools/pull/2436
  • Docs: Add sudo for apt-get by @qux-bbb in https://github.com/Gallopsled/pwntools/pull/2395
  • Updated Mac OS Install Documentation by @lewiswatson55 in https://github.com/Gallopsled/pwntools/pull/2392
  • Improve remote() documentation by @MrQubo in https://github.com/Gallopsled/pwntools/pull/2427
  • feat: use --no-cache-dir flag to pip in dockerfiles to save space by @Rajpratik71 in https://github.com/Gallopsled/pwntools/pull/2357
  • Test Python version >= 3.10 in CI and fix tests on Python 3.12 by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2486

New Contributors

  • @Rajpratik71 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2357
  • @sswastik02 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2374
  • @lewiswatson55 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2392
  • @marinelay made their first contribution in https://github.com/Gallopsled/pwntools/pull/2389
  • @qux-bbb made their first contribution in https://github.com/Gallopsled/pwntools/pull/2395
  • @sanjitkumar2016 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2387
  • @Dvorhack made their first contribution in https://github.com/Gallopsled/pwntools/pull/2415
  • @cocoa-xu made their first contribution in https://github.com/Gallopsled/pwntools/pull/2398
  • @gfelber made their first contribution in https://github.com/Gallopsled/pwntools/pull/2382

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.13.1...4.14.0

- Python
Published by peace-maker about 1 year ago

pwntools - Release 4.14.0beta1

What's Changed

  • Fix parsing the PLT on Windows by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2445
  • Fix PLT emulation with Unicorn 2.1.0 by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2466
  • Backport: Fix typo for fallback to default number of console colors on windows by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2467
  • Fix: GDB 15.1 rpyc detection by @SecT0uch in https://github.com/Gallopsled/pwntools/pull/2469
  • gdb: fix pid attach by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2474

New Contributors

  • @SecT0uch made their first contribution in https://github.com/Gallopsled/pwntools/pull/2469

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.14.0beta0...4.14.0beta1

- Python
Published by peace-maker over 1 year ago

pwntools - Release 4.13.1

What's Changed

  • Fix parsing the PLT on Windows by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2445
  • Fix PLT emulation with Unicorn 2.1.0 by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2466
  • Backport: Fix typo for fallback to default number of console colors on windows by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2467
  • Fix: GDB 15.1 rpyc detection by @SecT0uch in https://github.com/Gallopsled/pwntools/pull/2469
  • gdb: fix pid attach by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2474

New Contributors

  • @SecT0uch made their first contribution in https://github.com/Gallopsled/pwntools/pull/2469

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.13.0...4.13.1

- Python
Published by peace-maker over 1 year ago

pwntools - Release 4.14.0beta0

What's Changed

  • Add local libc database provider for libcdb by @the-soloist in https://github.com/Gallopsled/pwntools/pull/2356
  • libcdb: Add offline_only parameter for search_by_hash series function by @the-soloist in https://github.com/Gallopsled/pwntools/pull/2360
  • libcdb: Add offline_only to search_by_symbol_offsets by @the-soloist in https://github.com/Gallopsled/pwntools/pull/2388
  • libcdb.unstrip_libc: debug symbols are fetched only if not present by @sswastik02 in https://github.com/Gallopsled/pwntools/pull/2374
  • Add basic support to debug processes on Windows by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2327
  • Support asm/disasm on Windows by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2437
  • Change newline when setting context.os to "windows" by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2330
  • Add basic RISCV64 shellcraft support by @peace-maker and @LevitatingLion in https://github.com/Gallopsled/pwntools/pull/2322
  • Return buffered data on first EOF in tube.readline() by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2376
  • Add functions for retrieving process mappings by @k4lizen in https://github.com/Gallopsled/pwntools/pull/2371
  • Add TTY escape function for file transfer by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2422
  • Add support for generating multiple shellcodes at a time in shellcraft by @cocoa-xu in https://github.com/Gallopsled/pwntools/pull/2398
  • Shellcode socket IPV6 by @Dvorhack in https://github.com/Gallopsled/pwntools/pull/2415
  • Add "none" ssh authentication method by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2405
  • Improve remote() documentation by @MrQubo in https://github.com/Gallopsled/pwntools/pull/2427
  • Add port, gdb_args, and gdbserver_args to gdb.debug() by @gfelber in https://github.com/Gallopsled/pwntools/pull/2382
  • gdb.debug: avoid 2s timeout if possible by @mephi42 in https://github.com/Gallopsled/pwntools/pull/2435
  • Add resolution_addr parameter to Ret2dlresolvePayload by @k4lizen in https://github.com/Gallopsled/pwntools/pull/2436
  • feat: use --no-cache-dir flag to pip in dockerfiles to save space by @Rajpratik71 in https://github.com/Gallopsled/pwntools/pull/2357
  • Fix access of undefined ssh._tried_sftp in raw mode by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2396
  • Fix duplicate definition of ssh.sftp by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2394
  • Fix passing bytes to context.log_file and crc.BitPolynom by @marinelay in https://github.com/Gallopsled/pwntools/pull/2389
  • Change from pop to keys for reporting proper error message by @marinelay in https://github.com/Gallopsled/pwntools/pull/2391
  • Convert bytes-like object to string in apport_corefile() method by @sanjitkumar2016 in https://github.com/Gallopsled/pwntools/pull/2387
  • Updated Mac OS Install Documentation by @lewiswatson55 in https://github.com/Gallopsled/pwntools/pull/2392

New Contributors

  • @the-soloist made their first contribution in https://github.com/Gallopsled/pwntools/pull/2356
  • @Rajpratik71 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2357
  • @sswastik02 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2374
  • @lewiswatson55 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2392
  • @marinelay made their first contribution in https://github.com/Gallopsled/pwntools/pull/2389
  • @qux-bbb made their first contribution in https://github.com/Gallopsled/pwntools/pull/2395
  • @sanjitkumar2016 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2387
  • @Dvorhack made their first contribution in https://github.com/Gallopsled/pwntools/pull/2415
  • @cocoa-xu made their first contribution in https://github.com/Gallopsled/pwntools/pull/2398
  • @gfelber made their first contribution in https://github.com/Gallopsled/pwntools/pull/2382
  • @k4lizen made their first contribution in https://github.com/Gallopsled/pwntools/pull/2371

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.13.0...4.14.0beta0

- Python
Published by peace-maker over 1 year ago

pwntools - Release 4.13.0

What's Changed

  • Term module revamp: activating special handling of terminal only when necessary by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2242
  • Add support to start a process on Windows by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2310
  • Add x86 CET status to checksec output by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2293
  • Detect challenge binary and libc in pwn template by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2309
  • Fix getting right amount of data for ELF.search by @gordiig in https://github.com/Gallopsled/pwntools/pull/2281
  • elf: Resolve more relocations into GOT entries by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2277
  • rop: Make stack move faster by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2300
  • Basic darwin support for shellcrafter by @patryk4815 in https://github.com/Gallopsled/pwntools/pull/2161
  • Allow to add to the existing environment in process instead of replacing it by @heapcrash in https://github.com/Gallopsled/pwntools/pull/1763
  • Allow to add to the existing environment in ssh instead of replacing it by @heapcrash in https://github.com/Gallopsled/pwntools/pull/1764
  • Nicer error when running tmux exploit outside tmux by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2314
  • Windows shellcode: Make sure winexec is 16 byte aligned and add nCmdShow option by @kizzx2 in https://github.com/Gallopsled/pwntools/pull/2308
  • Make pwn template always set context.binary by @FlorianKothmeier in https://github.com/Gallopsled/pwntools/pull/2279
  • add timeout to gdbserver by @Ordoviz in https://github.com/Gallopsled/pwntools/pull/2321
  • Lookup using $PATHEXT file extensions in which on Windows by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2328
  • Explicitly define p64/u64 functions for IDE support by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2189
  • fix: follow symlink for libs on ssh connection by @teddav in https://github.com/Gallopsled/pwntools/pull/2338
  • Fix: Allow setting attributes on gdb Breakpoints by @Nils1729 in https://github.com/Gallopsled/pwntools/pull/2339
  • Make sure TERM_PROGRAM points to a valid program in `run_in_new_terminal` by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2329
  • fix: split current iterm window during gdb.debug process by @teddav in https://github.com/Gallopsled/pwntools/pull/2341
  • Retry failed lookups after one week in libcdb by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2323
  • Match against local system libc first in libcdb by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2325
  • Add ELF.stripped and ELF.debuginfo properties by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2336
  • Improved DynELF address resolutions and symbol lookups by @Bl4ck-C4t in https://github.com/Gallopsled/pwntools/pull/2335
  • Add a flatten argument to ssh.libs by @ValekoZ in https://github.com/Gallopsled/pwntools/pull/2268
  • Fix Unicorn Engine 1GB limit that calls exit: raise OSError instead (Fixes #2343) by @disconnect3d in https://github.com/Gallopsled/pwntools/pull/2347
  • Bugfix gdb.debug: exe parameter now respected by @goreil in https://github.com/Gallopsled/pwntools/pull/2233
  • Fix pwn constgrep when it matches a non-constant type (Fixes #2344) by @disconnect3d in https://github.com/Gallopsled/pwntools/pull/2345
  • Fix pwn libcdb file crashing if "/bin/sh" string was not found by @xambroz in https://github.com/Gallopsled/pwntools/pull/2307
  • Fix unhex for odd length bytes by @snarkyyy in https://github.com/Gallopsled/pwntools/pull/2333
  • Fix displaying bright color variation in terminal output by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2373
  • Fix support for amd64 x32 ABI by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2305
  • Speed up disasm with color by @snarkyyy in https://github.com/Gallopsled/pwntools/pull/2334
  • Don't go through a shell in gdb.debug by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2378
  • elf/corefile: Clean up pyelftools workarounds by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2319
  • checksec.py: import ELF instead of * by @disconnect3d in https://github.com/Gallopsled/pwntools/pull/2346
  • libcdb.py - python 3.12 by @xambroz in https://github.com/Gallopsled/pwntools/pull/2302
  • remove python2 shebangs by @xambroz in https://github.com/Gallopsled/pwntools/pull/2301
  • Bump unicorn dependency to >=2.0.1 by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2315

New Contributors

  • @gordiig made their first contribution in https://github.com/Gallopsled/pwntools/pull/2281
  • @xambroz made their first contribution in https://github.com/Gallopsled/pwntools/pull/2302
  • @kizzx2 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2308
  • @FlorianKothmeier made their first contribution in https://github.com/Gallopsled/pwntools/pull/2279
  • @Ordoviz made their first contribution in https://github.com/Gallopsled/pwntools/pull/2321
  • @snarkyyy made their first contribution in https://github.com/Gallopsled/pwntools/pull/2333
  • @teddav made their first contribution in https://github.com/Gallopsled/pwntools/pull/2338
  • @Nils1729 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2339
  • @patryk4815 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2161
  • @Bl4ck-C4t made their first contribution in https://github.com/Gallopsled/pwntools/pull/2335
  • @ValekoZ made their first contribution in https://github.com/Gallopsled/pwntools/pull/2268

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.12.0...4.13.0

- Python
Published by peace-maker over 1 year ago

pwntools - Release 4.13.0beta0

What's Changed

  • Term module revamp: activating special handling of terminal only when necessary by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2242
  • Detect challenge binary and libc in pwn template by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2309
  • Add support to start a process on Windows by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2310
  • Add basic darwin support for shellcrafter by @patryk4815 in https://github.com/Gallopsled/pwntools/pull/2161
  • Explicitly define p64/u64 functions for IDE support by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2189
  • Add ELF.stripped and ELF.debuginfo properties by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2336
  • Fix: Allow setting attributes on gdb Breakpoints by @Nils1729 in https://github.com/Gallopsled/pwntools/pull/2339
  • Fix gdb.debug: exe parameter now respected, allow empty argv by @goreil in https://github.com/Gallopsled/pwntools/pull/2233
  • Fix getting right amount of data for ELF.search by @gordiig in https://github.com/Gallopsled/pwntools/pull/2281
  • Add x86 CET status to checksec output by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2293
  • elf: Resolve more relocations into GOT entries by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2277
  • rop: Make stack move faster by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2300
  • Fix Python 3.12 warning in pwn libcdb by @xambroz in https://github.com/Gallopsled/pwntools/pull/2302
  • Remove unnecessary python2 shebangs by @xambroz in https://github.com/Gallopsled/pwntools/pull/2301
  • Allow to add to the existing environment in process instead of replacing it by @heapcrash in https://github.com/Gallopsled/pwntools/pull/1763
  • Allow to add to the existing environment in ssh instead of replacing it by @heapcrash in https://github.com/Gallopsled/pwntools/pull/1764
  • Fix pwn libcdb file crashing if "/bin/sh" string was not found by @xambroz in https://github.com/Gallopsled/pwntools/pull/2307
  • Fix support for amd64 x32 ABI by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2305
  • Nicer error when running tmux exploit outside tmux by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2314
  • Bump unicorn dependency to >=2.0.1 by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2315
  • Make sure winexec is 16 byte aligned and add nCmdShow option by @kizzx2 in https://github.com/Gallopsled/pwntools/pull/2308
  • elf/corefile: Clean up pyelftools workarounds by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2319
  • Make pwn template always set context.binary by @FlorianKothmeier in https://github.com/Gallopsled/pwntools/pull/2279
  • Add timeout to gdbserver by @Ordoviz in https://github.com/Gallopsled/pwntools/pull/2321
  • Fix unhex for odd length bytes by @vsyl in https://github.com/Gallopsled/pwntools/pull/2333
  • Speed up pwn disasm with colored output by @vsyl in https://github.com/Gallopsled/pwntools/pull/2334
  • Lookup using $PATHEXT file extensions in which on Windows by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2328
  • fix: follow symlink for libs on ssh connection by @teddav in https://github.com/Gallopsled/pwntools/pull/2338
  • Make sure TERM_PROGRAM points to a valid program in `run_in_new_terminal` by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2329
  • Retry failed lookups after one week in libcdb by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2323
  • Match against local system libc first in libcdb by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2325
  • checksec.py: import ELF instead of * by @disconnect3d in https://github.com/Gallopsled/pwntools/pull/2346
  • Fix pwn constgrep when it matches a non-constant type (Fixes #2344) by @disconnect3d in https://github.com/Gallopsled/pwntools/pull/2345
  • Launch GDB correctly in iTerm on Mac by @teddav in https://github.com/Gallopsled/pwntools/pull/2341
  • Improved DynELF address resolutions and symbol lookups by @Bl4ck-C4t in https://github.com/Gallopsled/pwntools/pull/2335
  • Add a flatten argument to ssh.libs by @ValekoZ in https://github.com/Gallopsled/pwntools/pull/2268
  • Fix Unicorn Engine 1GB limit that calls exit: raise OSError instead (Fixes #2343) by @disconnect3d in https://github.com/Gallopsled/pwntools/pull/2347

New Contributors

  • @gordiig made their first contribution in https://github.com/Gallopsled/pwntools/pull/2281
  • @xambroz made their first contribution in https://github.com/Gallopsled/pwntools/pull/2302
  • @kizzx2 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2308
  • @FlorianKothmeier made their first contribution in https://github.com/Gallopsled/pwntools/pull/2279
  • @Ordoviz made their first contribution in https://github.com/Gallopsled/pwntools/pull/2321
  • @vsyl made their first contribution in https://github.com/Gallopsled/pwntools/pull/2333
  • @teddav made their first contribution in https://github.com/Gallopsled/pwntools/pull/2338
  • @Nils1729 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2339
  • @patryk4815 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2161
  • @Bl4ck-C4t made their first contribution in https://github.com/Gallopsled/pwntools/pull/2335
  • @ValekoZ made their first contribution in https://github.com/Gallopsled/pwntools/pull/2268

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.12.0...4.13.0beta0

- Python
Published by peace-maker almost 2 years ago

pwntools - Release 4.12.0

What's Changed

  • Add --libc libc.so argument to pwn template by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2212
  • Add -p (--prefix) and -s (--separator) arguments to hex command by @marcan2020 in https://github.com/Gallopsled/pwntools/pull/2117
  • Allow creating custom templates in user-config directory by @hweissi in https://github.com/Gallopsled/pwntools/pull/2257
  • Allow empty argv in ssh.process() (#2217) by @goreil in https://github.com/Gallopsled/pwntools/pull/2234
  • Add shellcraft.sleep template wrapping SYS_nanosleep by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2221
  • shellcraft: more explicit sleep.asm docstring by @disconnect3d in https://github.com/Gallopsled/pwntools/pull/2226
  • Allow ELF.search(str) by @zt20xx in https://github.com/Gallopsled/pwntools/pull/2211
  • Fix format string badbytes inconsistency by @Arusekk in https://github.com/Gallopsled/pwntools/pull/1895
  • Fix passing arguments on the stack in shellcraft syscall template by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2219
  • Fix remote and listen in sagemath by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2202
  • Don't change log level for Corefile.parsestack() by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2222
  • Fix crash in serialtube when connection fails by @fercevik729 in https://github.com/Gallopsled/pwntools/pull/2228
  • Use command -v instead of which by @whokilleddb in https://github.com/Gallopsled/pwntools/pull/1946
  • py2: fix long hex in shellcraft etc. by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2230
  • shellcraft/i386: optimize stackhunter by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2231
  • shellcraft/*/freebsd: match linux in switching cs by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2232
  • Replace isSet with is_set as the former is deprecated in 3.10+ by @maple3142 in https://github.com/Gallopsled/pwntools/pull/2208
  • Added MAP_ADD opcode to list of opcodes in safeeval.py by @fercevik729 in https://github.com/Gallopsled/pwntools/pull/2243
  • Do not overwrite global bytes in examples by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2240
  • Decoded data from recv_all in adb.packages to a string by @fercevik729 in https://github.com/Gallopsled/pwntools/pull/2237
  • Remove unused and broken rop.find_stack_adjustment by @fercevik729 in https://github.com/Gallopsled/pwntools/pull/2249
  • Rename wd parameter to cwd in ssh.system and ssh.run_to_end by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2251
  • Fix readline omitting a trailing \n by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2349
  • Add RETURNCONST as an allowed _constcode in safeeval for Python 3.12 compatibility by @erikleffler in https://github.com/Gallopsled/pwntools/pull/2352
  • Change temp path in install script by @Young-Lord in https://github.com/Gallopsled/pwntools/pull/2097
  • Publish Docker images through CI by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2236
  • ci: stabilize coverage by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2235
  • Keep Github Actions up-to-date with Dependabot by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2238
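The two safeeval entries above (#2243 adding MAP_ADD, #2352 adding RETURNCONST for Python 3.12) share one root cause: pwntools evaluates untrusted literal expressions by compiling them and checking every bytecode opcode against an allowlist of constant-building opcodes, so each CPython release that changes the bytecode emitted for plain literals rejects valid input until the list is extended. The block below is an added example written for this page, not pwntools' safeeval module; its ALLOWED_OPNAMES set is this example's own choice and is deliberately generous across interpreter versions.

```python
"""Opcode-allowlist evaluation of literal expressions, in the style of
pwntools' safeeval.  Added example for this page, not pwntools' code."""
import dis

# Opcodes that only build constants.  Names a given CPython version never
# emits are harmless here; names a new version introduces for plain literals
# (RETURN_CONST in 3.12, LOAD_SMALL_INT in 3.14) must be added or valid
# input starts being rejected.  This set is an assumption of this example,
# not the list pwntools ships.
ALLOWED_OPNAMES = frozenset({
    "LOAD_CONST", "LOAD_SMALL_INT", "RETURN_VALUE", "RETURN_CONST",
    "BUILD_TUPLE", "BUILD_LIST", "BUILD_SET", "BUILD_MAP", "BUILD_CONST_KEY_MAP",
    "LIST_APPEND", "LIST_EXTEND", "SET_ADD", "SET_UPDATE", "MAP_ADD",
    "DICT_UPDATE", "LIST_TO_TUPLE", "RESUME", "NOP", "EXTENDED_ARG",
})


def disallowed_opnames(expr):
    """Compile `expr` in eval mode and return the opnames that are not on
    the allowlist (an empty list means the expression is a pure literal)."""
    code = compile(expr, "<safe_eval>", "eval")
    bad = []
    for ins in dis.get_instructions(code):
        if ins.opname not in ALLOWED_OPNAMES:
            bad.append(ins.opname)
        # A lambda or comprehension smuggles a nested code object in as a
        # constant; refuse it even though LOAD_CONST itself is allowed.
        if hasattr(ins.argval, "co_code"):
            bad.append("NESTED_CODE")
    return bad


def is_literal(expr):
    """True when `expr` contains nothing but constant-building opcodes."""
    return not disallowed_opnames(expr)


def safe_eval(expr):
    """Evaluate a literal expression; raise ValueError for anything else."""
    bad = disallowed_opnames(expr)
    if bad:
        raise ValueError("refusing %r: opcodes %s" % (expr, ", ".join(sorted(set(bad)))))
    # Empty builtins are only a second line of defence; the opcode check is
    # what actually keeps names, attribute access and calls out.
    return eval(compile(expr, "<safe_eval>", "eval"), {"__builtins__": {}}, {})


if __name__ == "__main__":
    for src in ("[1, 2, {'a': 3}]", "0x41414141", "__import__('os').system('id')"):
        if is_literal(src):
            print(src, "->", safe_eval(src))
        else:
            print(src, "-> REJECTED", disallowed_opnames(src))
```

Note that compile() itself still raises SyntaxError on malformed input, and that nothing here bounds the size of a literal, so a caller feeding attacker-controlled text still needs a length limit.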

New Contributors

  • @marcan2020 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2117
  • @maple3142 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2208
  • @zt20xx made their first contribution in https://github.com/Gallopsled/pwntools/pull/2211
  • @fercevik729 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2228
  • @whokilleddb made their first contribution in https://github.com/Gallopsled/pwntools/pull/1946
  • @hweissi made their first contribution in https://github.com/Gallopsled/pwntools/pull/2257
  • @erikleffler made their first contribution in https://github.com/Gallopsled/pwntools/pull/2352

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.11.1...4.12.0

- Python
Published by peace-maker almost 2 years ago

pwntools - Release 4.12.0beta1

What's Changed

  • Fix countdownhandler not invoking timeout_change; Fix value is valu… by @TanixLu in https://github.com/Gallopsled/pwntools/pull/2287
  • Fix tube.clean_and_log not logging buffered data by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2272
  • FIX: Generated shebang with path to python invalid if path contains spaces by @ksshen0000 in https://github.com/Gallopsled/pwntools/pull/2285
  • shellcraft.aarch64: Fix atexit SEGV in loader by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2294
  • Python 2: Fix installing from source by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2298

New Contributors

  • @TanixLu made their first contribution in https://github.com/Gallopsled/pwntools/pull/2287
  • @ksshen0000 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2285

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.12.0beta0...4.12.0beta1

- Python
Published by Arusekk over 2 years ago

pwntools - Release 4.11.1

What's Changed

  • Fix countdownhandler not invoking timeout_change; Fix value is valu… by @TanixLu in https://github.com/Gallopsled/pwntools/pull/2287
  • Fix tube.clean_and_log not logging buffered data by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2272
  • FIX: Generated shebang with path to python invalid if path contains spaces by @ksshen0000 in https://github.com/Gallopsled/pwntools/pull/2285
  • shellcraft.aarch64: Fix atexit SEGV in loader by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2294
  • Python 2: Fix installing from source by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2298

New Contributors

  • @TanixLu made their first contribution in https://github.com/Gallopsled/pwntools/pull/2287
  • @ksshen0000 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2285

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.11.0...4.11.1

- Python
Published by Arusekk over 2 years ago

pwntools - 4.12.0beta0

What's Changed

  • Fix 4.11 beta changelog by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2198
  • Fix remote and listen in sagemath by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2202
  • Add -p (--prefix) and -s (--separator) arguments to hex command by @marcan2020 in https://github.com/Gallopsled/pwntools/pull/2117
  • Fix Python 2 CI by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2210
  • Replace isSet with is_set as the former is deprecated in 3.10+ by @maple3142 in https://github.com/Gallopsled/pwntools/pull/2208
  • Fix stable changelog in beta by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2213
  • Fix typo in ssh trying to access log.Progress.error by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2200
  • libc Search str by @zt20xx in https://github.com/Gallopsled/pwntools/pull/2211
  • Fix stable Python 2 installation from a built wheel by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2205
  • Fix BytesWarning in ssh.interactive() by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2218
  • Fix bug at ssh.py:get() with relative path by @goreil in https://github.com/Gallopsled/pwntools/pull/2214
  • Change temp path in install script by @Young-Lord in https://github.com/Gallopsled/pwntools/pull/2097
  • Remove Travis CI Badge from README by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2220
  • Add shellcraft.sleep template wrapping SYS_nanosleep by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2221
  • Shellcraft stackargs by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2219
  • Don't change log level for Corefile._parse_stack() by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2222
  • Fix Python 2 editable user install by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2224
  • shellcraft: more explicit sleep.asm docstring by @disconnect3d in https://github.com/Gallopsled/pwntools/pull/2226
  • Resolved issue #1411 abt serial-tube misbehaving. by @fercevik729 in https://github.com/Gallopsled/pwntools/pull/2228
  • Use command -v instead of which by @whokilleddb in https://github.com/Gallopsled/pwntools/pull/1946
  • Fix ret2csu with PIE binaries by @Jakub259 in https://github.com/Gallopsled/pwntools/pull/2158
  • py2: fix long hex in shellcraft etc. by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2230
  • shellcraft/i386: optimize stackhunter by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2231
  • shellcraft/*/freebsd: match linux in switching cs by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2232
  • Add --libc libc.so argument to pwn template by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2212
  • Publish Docker images through CI by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2236
  • ci: stabilize coverage by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2235
  • Added MAP_ADD opcode to list of opcodes in safeeval.py by @fercevik729 in https://github.com/Gallopsled/pwntools/pull/2243
  • Fix format string badbytes inconsistency by @Arusekk in https://github.com/Gallopsled/pwntools/pull/1895
  • Do not overwrite global bytes in examples by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2240
  • Decoded data from recv_all in packages to a string by @fercevik729 in https://github.com/Gallopsled/pwntools/pull/2237
  • Keep Github Actions up-to-date with Dependabot by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2238
  • Fix ssh.process not setting ssh_process.cwd by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2241
  • Bump actions/checkout from 2 to 3 by @dependabot in https://github.com/Gallopsled/pwntools/pull/2248
  • Bump actions/upload-artifact from 2 to 3 by @dependabot in https://github.com/Gallopsled/pwntools/pull/2246
  • Bump actions/download-artifact from 2 to 3 by @dependabot in https://github.com/Gallopsled/pwntools/pull/2247
  • Fix pushing docker images on manual workflow run by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2250
  • Remove unused and broken rop.find_stack_adjustment by @fercevik729 in https://github.com/Gallopsled/pwntools/pull/2249
  • Only run docker workflow on upstream repo by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2252
  • plt: remove stale MIPS workaround by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2256
  • Fix corefile module after pyelftools update by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2261
  • Rename wd parameter to cwd in ssh.system and ssh.run_to_end by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2251
  • Bump actions/checkout from 3 to 4 by @dependabot in https://github.com/Gallopsled/pwntools/pull/2265
  • Allow creating custom templates in user-config directory by @hweissi in https://github.com/Gallopsled/pwntools/pull/2257
  • Fix bug at ssh.py:process() - empty argv[0] Error (#2217) by @goreil in https://github.com/Gallopsled/pwntools/pull/2234

New Contributors

  • @marcan2020 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2117
  • @maple3142 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2208
  • @zt20xx made their first contribution in https://github.com/Gallopsled/pwntools/pull/2211
  • @goreil made their first contribution in https://github.com/Gallopsled/pwntools/pull/2214
  • @fercevik729 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2228
  • @whokilleddb made their first contribution in https://github.com/Gallopsled/pwntools/pull/1946
  • @Jakub259 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2158
  • @dependabot made their first contribution in https://github.com/Gallopsled/pwntools/pull/2248
  • @hweissi made their first contribution in https://github.com/Gallopsled/pwntools/pull/2257

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.11.0beta0...4.12.0beta0

- Python
Published by Arusekk over 2 years ago

pwntools - Release 4.11.0

What's Changed

  • Make fmtstr module able to create payload without $ notation by @murph12F in https://github.com/Gallopsled/pwntools/pull/2185
  • Add search for libc binary by leaked function addresses by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2103
  • Support for RISC-V 64-bit architecture by @Xeonacid in https://github.com/Gallopsled/pwntools/pull/2177
  • ELF.nx and ELF.execstack enhancements by @yuvalpoliti in https://github.com/Gallopsled/pwntools/pull/2186
  • Handle context.newline correctly in tube.interactive() by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2129
  • Fix bug at ssh.py:download and download_file with relative paths by @goreil in https://github.com/Gallopsled/pwntools/pull/2214
  • Fix ssh.process not setting ssh_process.cwd by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2241
  • Fix corefile module after pyelftools update by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2261
  • Lots of bug fixes and documentation improvements

New Contributors

  • @Jusb3 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2152
  • @nathan9991 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2157
  • @dfyz made their first contribution in https://github.com/Gallopsled/pwntools/pull/2167
  • @Minei3oat made their first contribution in https://github.com/Gallopsled/pwntools/pull/2163
  • @murph12F made their first contribution in https://github.com/Gallopsled/pwntools/pull/2185
  • @ElouanFiore made their first contribution in https://github.com/Gallopsled/pwntools/pull/2192
  • @yuvalpoliti made their first contribution in https://github.com/Gallopsled/pwntools/pull/2186
  • @jamestiotio made their first contribution in https://github.com/Gallopsled/pwntools/pull/2174
  • @Jakub259 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2158

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.10.0...4.11.0

- Python
Published by peace-maker over 2 years ago

pwntools - Release 4.11.0beta0

  • #2185 make fmtstr module able to create payload without $ notation
  • #2103 Add search for libc binary by leaked function addresses libcdb.search_by_symbol_offsets()
  • #2177 Support for RISC-V 64-bit architecture
  • #2186 Enhance ELF.nx and ELF.execstack
  • #2129 Handle context.newline correctly when typing in tube.interactive()
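The libcdb lookup added in #2103 (listed for 4.11.0 and 4.11.0beta0 above) answers a common exploitation question: given one or more leaked libc function addresses under ASLR, which libc build is the target running, and where is it loaded? The block below is an added example written for this page, not pwntools' libcdb.search_by_symbol_offsets() and not its database; the CANDIDATES table is constructed for illustration and its offsets are not real libc offsets. It shows the two checks a practitioner relies on: the low 12 bits of a leak are unaffected by page-granular ASLR, and every leaked symbol must agree on a single page-aligned base.

```python
"""Identify a libc build from leaked symbol addresses by offset matching.
Added example for this page; not pwntools' libcdb.search_by_symbol_offsets().
CANDIDATES is a constructed table, not real libc offsets."""

PAGE_MASK = 0xfff

# Constructed "database": build name -> {symbol: offset inside the library}.
CANDIDATES = {
    "libc-A": {"puts": 0x080ed0, "system": 0x050d70, "read": 0x114980},
    "libc-B": {"puts": 0x081ed0, "system": 0x051d60, "read": 0x115a00},
    "libc-C": {"puts": 0x087bd0, "system": 0x058740, "read": 0x11ba20},
}


def search_by_symbol_offsets(leaks, candidates=CANDIDATES):
    """Return [(name, base)] for each candidate consistent with `leaks`
    ({symbol: absolute address}).  A candidate survives only if every leaked
    symbol agrees on the same page-aligned load base: the low-12-bit check is
    the cheap filter that ASLR cannot defeat, the shared-base check rejects a
    build whose offsets merely share those low bits."""
    matches = []
    for name, syms in candidates.items():
        base = None
        for sym, addr in leaks.items():
            off = syms.get(sym)
            if off is None or (addr & PAGE_MASK) != (off & PAGE_MASK):
                base = None
                break
            candidate_base = addr - off
            if base is None:
                base = candidate_base
            elif candidate_base != base:
                base = None
                break
        if base is not None:
            matches.append((name, base))
    return matches


def resolve(name, base, symbol, candidates=CANDIDATES):
    """Absolute address of `symbol` once the build and its base are known."""
    return base + candidates[name][symbol]


if __name__ == "__main__":
    # Constructed leak: puts@libc read back from a GOT entry in the target.
    leak = {"puts": 0x7f3a1c0a0ed0}
    print("one leak  :", search_by_symbol_offsets(leak))
    # A second symbol removes the ambiguity between libc-A and libc-B.
    leak["system"] = 0x7f3a1c070d70
    hits = search_by_symbol_offsets(leak)
    print("two leaks :", hits)
    name, base = hits[0]
    print("read@libc : %#x" % resolve(name, base, "read"))
```

With a single leak two builds survive, which is why the CLI and the API both expect to be fed more than one symbol when the database holds near-identical builds.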

- Python
Published by Arusekk almost 3 years ago

pwntools - Release 4.10.0 in memoriam Zach Riggle

In memoriam — Zach Riggle — long time contributor and maintainer of Pwntools.

  • #2062 make pwn cyclic -l work with entry larger than 4 bytes
  • #2092 shellcraft: dup() is now called dupio() consistently across all supported arches
  • #2093 setresuid() in shellcraft uses current euid by default
  • #2125 Allow tube.recvregex to return capture groups
  • #2144 Removes p2align 2 asm() headers from x86-32, x86-64 and mips architectures to avoid inconsistent instruction length when patching binaries

- Python
Published by Arusekk almost 3 years ago

pwntools - Release 4.10.0beta0

  • #2062 make pwn cyclic -l work with entry larger than 4 bytes
  • #2092 shellcraft: dup() is now called dupio() consistently across all supported arches
  • #2093 setresuid() in shellcraft uses current euid by default
  • #2125 Allow tube.recvregex to return capture groups
  • #2144 Removes p2align 2 asm() headers from x86-32, x86-64 and mips architectures to avoid inconsistent instruction length when patching binaries

- Python
Published by Arusekk about 3 years ago

pwntools - Release 4.9.0

  • #1975 Add libcdb commandline tool
  • #1979 Add js_escape() and js_unescape() to util.fiddling
  • #2011 Fix tube's debug output of same byte compression
  • #2023 Support KDE Konsole in run_in_new_terminal function
  • #2027 Fix ELF.libc_start_main_return with glibc 2.34
  • #2033 Quote file and core path in generated GDB script
  • #2035 Change Buffer's parent class to object
  • #2037 Allow SSH tunnel to be treated like a TCP socket (with 'raw=True')
  • #2123 Fix ROP without a writeable cache directory
  • #2124 Fix tube.recvpred() timeout argument

- Python
Published by Arusekk about 3 years ago

pwntools - Release 4.9.0beta0

  • #1975 Add libcdb commandline tool
  • #1979 Add js_escape() and js_unescape() to util.fiddling
  • #2011 Fix tube's debug output of same byte compression
  • #2023 Support KDE Konsole in run_in_new_terminal function
  • #2027 Fix ELF.libc_start_main_return with glibc 2.34
  • #2033 Quote file and core path in generated GDB script
  • #2035 Change Buffer's parent class to object
  • #2037 Allow SSH tunnel to be treated like a TCP socket (with 'raw=True')

- Python
Published by Arusekk almost 4 years ago

pwntools - Release 4.8.0

  • #1922 Fix logic in wait_for_debugger
  • #1828 libcdb: Load debug info and unstrip libc binary
  • #1939 Fix error in validating log levels
  • #1981 Fix cyclic_find() to make it work with large int values

- Python
Published by Arusekk almost 4 years ago

pwntools - Release 4.7.1

  • #1784 Use temporary cache directory when persistent cache cannot be used
  • #1973 ELF symbols can be looked up by bytes values
  • several bugfixes (#2012, #2031, #1912, #1961, #2007, #2040, #2051)

- Python
Published by Arusekk almost 4 years ago

pwntools - Release 4.8.0beta0

  • #1922 Fix logic in wait_for_debugger
  • #1828 libcdb: Load debug info and unstrip libc binary
  • #1939 Fix error in validating log levels
  • #1981 Fix cyclic_find() to make it work with large int values

- Python
Published by Arusekk over 4 years ago

pwntools - Release 4.7.0

  • #1733 Update libc headers -> more syscalls available!
  • #1876 add self.message and change sys.exc_type to sys.exec_info() in PwnlibException
  • #1877 encoders error message handles when avoid is bytes in python3
  • #1891 Keep ROP gadgets when setting registers via setattr/call
  • #1892 Silence SIGPIPE error for "pwn phd"
  • #1893 Fix bytes warning in "pwn cyclic"
  • #1897 Add basic support for RISC-V
  • #1903 Add zsh completion script
  • #1904 Add bash completion script
  • #1906 Defer import of several modules to save on startup time
  • #1921 Add basic support for the bare-metal ARM specific toolchain
  • #1995 Add shellcraft.*.linux.cat2, which uses alloc+read+write instead of sendfile

- Python
Published by Arusekk over 4 years ago

pwntools - Release 4.7.0beta0

  • #1733 Update libc headers -> more syscalls available!
  • #1876 add self.message and change sys.exc_type to sys.exec_info() in PwnlibException
  • #1877 encoders error message handles when avoid is bytes in python3
  • #1891 Keep ROP gadgets when setting registers via setattr/call
  • #1892 Silence SIGPIPE error for "pwn phd"
  • #1893 Fix bytes warning in "pwn cyclic"
  • #1897 Add basic support for RISC-V
  • #1903 Add zsh completion script
  • #1904 Add bash completion script
  • #1906 Defer import of several modules to save on startup time
  • #1921 Add basic support for the bare-metal ARM specific toolchain

- Python
Published by Arusekk over 4 years ago

pwntools - Release 4.6.0

  • #1429 Add a mechanism for ret2csu (originally #1138)
  • #1566 Add ignore_config argument to pwnlib.tubes.ssh and improve allow_agent implementation
  • #1652 Add process.readmem and process.writemem
  • #1739 Add/fix shellcraft.linux.kill() / shellcraft.linux.killparent()
  • #1746 Prefer Python3 over Python2 for spawning remote processes over SSH
  • #1751 Fix process() with executable relative to cwd
  • #1753 major change: fewer unconditional imports in pwnlib
  • #1776 mips: do not use $t0 temporary variable in dupio
  • #1846 support launching GDB in more different terminals

- Python
Published by Arusekk over 4 years ago

pwntools -

  • #1902 Always specify -F and -P for tmux in run_in_new_terminal

- Python
Published by heapcrash over 4 years ago

pwntools -

  • #1902 Always specify -F and -P for tmux in run_in_new_terminal

- Python
Published by heapcrash over 4 years ago

pwntools - Release 4.6.0beta0

  • #1429 Add a mechanism for ret2csu (originally #1138)
  • #1566 Add ignore_config argument to pwnlib.tubes.ssh and improve allow_agent implementation
  • #1652 Add process.readmem and process.writemem
  • #1739 Add/fix shellcraft.linux.kill() / shellcraft.linux.killparent()
  • #1746 Prefer Python3 over Python2 for spawning remote processes over SSH
  • #1751 Fix process() with executable relative to cwd
  • #1753 major change: fewer unconditional imports in pwnlib
  • #1776 mips: do not use $t0 temporary variable in dupio
  • #1846 support launching GDB in more different terminals

- Python
Published by Arusekk almost 5 years ago

pwntools - Release 4.5.0

  • #1261 Misc run_in_new_terminal improvements (notably gdb terminated by default)
  • #1695 Allow using GDB Python API
  • #1735 Python 3.9 support in safeeval
  • #1738 Which function support custom search path
    • process also looks now at env['PATH'] to find the path for the executable
  • #1742 New baremetal os to debug binaries executed with qemu-system-$(arch)
  • #1757 update cache directories
  • #1758 Remove eval from cli
  • #1780 Re-add Python2 to the official Dockerfile
  • #1941 Disable all Android tests, pwnlib.adb is no longer supported in CI
  • #1811 Remove unnecessary pwn.toplevel.__all__
  • #1827 Support $XDG_CONFIG_HOME dir for pwn.conf
  • #1841 Add colored_traceback
  • #1839 run_in_new_terminal now creates a runner script if given a list or tuple
  • #1833 Add pwnlib.filesystem module
  • #1852 Fix atexit on Python 3

- Python
Published by Arusekk almost 5 years ago

pwntools - Release 4.5.0beta1

  • #1852 Fix atexit on Python 3

- Python
Published by Arusekk almost 5 years ago

pwntools - Release 4.5.0beta0

  • #1261 Misc run_in_new_terminal improvements (notably gdb terminated by default)
  • #1695 Allow using GDB Python API
  • #1735 Python 3.9 support in safeeval
  • #1738 which function supports a custom search path
    • process also now looks at env['PATH'] to find the path for the executable
  • #1742 New baremetal os to debug binaries executed with qemu-system-$(arch)
  • #1757 update cache directories
  • #1758 Remove eval from cli
  • #1780 Re-add Python2 to the official Dockerfile
  • #1941 Disable all Android tests, pwnlib.adb is no longer supported in CI
  • #1811 Remove unnecessary pwn.toplevel.__all__
  • #1827 Support $XDG_CONFIG_HOME dir for pwn.conf
  • #1841 Add colored_traceback
  • #1839 run_in_new_terminal now creates a runner script if given a list or tuple
  • #1833 Add pwnlib.filesystem module

- Python
Published by Arusekk almost 5 years ago

pwntools - Release 4.4.0

  • #1541 Use context.newline for tubes by default
  • #1602 Fix bytes handling in ssh tubes
  • #1606 Fix asm() and disasm() for MSP430, S390
  • #1616 Fix cyclic cli for 64 bit integers
  • #1632 Enable usage of Pwntools in jupyter
  • #1633 Open a shell if pwn template cannot download the remote file
  • #1644 Enable and support SNI for SSL-wrapped tubes
  • #1651 Make pwn shellcraft faster
  • #1654 Docker images (pwntools/pwntools:stable etc) now use Python3 by default, and include assemblers for a few common architectures
  • #1667 Add i386 encoder ascii_shellcode (Fixed docs in #1693)
  • Fix syscall instruction lists for SROP on i386 and amd64
  • Fix migration to another ROP
  • #1673 Add base= argument to ROP.chain() and ROP.dump()
  • #1675 Gdbserver now correctly accepts multiple libraries in LD_PRELOAD and LD_LIBRARY_PATH
  • #1678 ROPGadget multibr
  • #1682 ROPGadget multibr fix
  • #1687 Actually import requests when doing from pwn import *
  • #1688 Add __setattr__ and __call__ interfaces to ROP for setting registers
  • #1692 Remove python2 shebangs where appropriate
  • #1703 Update libcdb buildid offsets for amd64 and i386
  • #1704 Try https://libc.rip/ for libcdb lookup

- Python
Published by Arusekk almost 5 years ago

pwntools - Release 4.4.0beta1

  • #1732 Fix shellcraft SSTI vulnerability (first major pwntools vuln!)

- Python
Published by Arusekk about 5 years ago

pwntools - Release 4.3.1

  • #1732 Fix shellcraft SSTI vulnerability (first major pwntools vuln!)

- Python
Published by Arusekk about 5 years ago

pwntools - Release 4.3.0

  • Speed up ELF PLT loading (#1515)
  • Take numbwritten bytes into account in FmtString (#1471)
  • Support opening of new windows in WSL (#1503)
  • #1576 Add executable= argument to ELF.search
  • #1584 Add jmp_esp/jmp_rsp attribute to ROP
  • #1592 Fix over-verbose logging of process() environment
  • #1593 Colorize output of pwn template
  • #1601 Add pwn version command line tool
  • #1605 Add to fiddling.hexdump a way to suppress the total at the end
  • #1613 Permit --password for pwn template
  • #1564 Fix asm() and disasm() for PowerPC64, MIPS64, Sparc64
  • #1621 Permit negative values in flat() and fit()
  • many more

- Python
Published by Arusekk about 5 years ago

pwntools - Release 4.4.0beta0

  • #1541 Use context.newline for tubes by default
  • #1602 Fix bytes handling in ssh tubes
  • #1606 Fix asm() and disasm() for MSP430, S390
  • #1616 Fix cyclic cli for 64 bit integers
  • #1632 Enable usage of Pwntools in jupyter
  • #1633 Open a shell if pwn template cannot download the remote file
  • #1644 Enable and support SNI for SSL-wrapped tubes
  • #1651 Make pwn shellcraft faster
  • #1654 Docker images (pwntools/pwntools:stable etc) now use Python3 by default, and include assemblers for a few common architectures
  • #1667 Add i386 encoder ascii_shellcode (Fixed docs in #1693)
  • Fix syscall instruction lists for SROP on i386 and amd64
  • Fix migration to another ROP
  • #1673 Add base= argument to ROP.chain() and ROP.dump()
  • #1675 Gdbserver now correctly accepts multiple libraries in LD_PRELOAD and LD_LIBRARY_PATH
  • #1678 ROPGadget multibr
  • #1682 ROPGadget multibr fix
  • #1687 Actually import requests when doing from pwn import *
  • #1688 Add __setattr__ and __call__ interfaces to ROP for setting registers
  • #1692 Remove python2 shebangs where appropriate
  • #1703 Update libcdb buildid offsets for amd64 and i386

- Python
Published by Arusekk over 5 years ago

pwntools - Release 4.2.2

Bugfix release over 4.2.1

- Python
Published by Arusekk over 5 years ago

pwntools - Release 4.2.1

  • #1625 GDB now properly loads executables with QEMU

- Python
Published by Arusekk over 5 years ago

pwntools - Release 4.3.0beta0

  • Speed up ELF PLT loading (#1515)
  • Take numbwritten bytes into account in FmtString (#1471)
  • Support opening of new windows in WSL (#1503)
  • #1576 Add executable= argument to ELF.search
  • #1584 Add jmp_esp/jmp_rsp attribute to ROP
  • #1592 Fix over-verbose logging of process() environment
  • #1593 Colorize output of pwn template
  • #1601 Add pwn version command line tool
  • #1605 Add to fiddling.hexdump a way to suppress the total at the end
  • #1613 Permit --password for pwn template
  • #1564 Fix asm() and disasm() for PowerPC64, MIPS64, Sparc64
  • #1621 Permit negative values in flat() and fit()

- Python
Published by Arusekk over 5 years ago

pwntools - Release 4.1.1

  • Fix PLT resolution by locking unicorn <1.0.2rc4 (#1538)
  • Fix wrong ELF/context unpack handling (c4c11a37)
  • Fix updating of ELF.functions addresses after changing ELF.address #1512 (#1513)
  • Update Corefile warnings and replace asserts with normal checks (#1526)
  • several py2-py3 issues (#1451)
  • Fix cyclic command

- Python
Published by Arusekk over 5 years ago

pwntools - Release 4.2.0beta0

  • #1436 Add ret2dlresolve automation
  • fecf9f tubes.ssh.process() no longer requires python 2 installed on remote (still requires python, though)
  • Miscellaneous improvements to DynElf and fmtstr leaker (see examples/fmtstr/exploit2.py)
  • #1454 Support for windows console colors

- Python
Published by Arusekk almost 6 years ago

pwntools - Release 4.1.0

  • #1316 Fix connect shellcraft in python 3
  • #1323 Fix issues related with debugging
  • #1001 Enhance unlock_bootloader with better status messages
  • #1389 remove old dependencies
  • #1241 Launch QEMU with sysroot if specified
  • #1218 Support for FileStructure exploitation
  • Many bug fixes

- Python
Published by Arusekk almost 6 years ago

pwntools - Release 4.0.1

  • #1412 recvline_pred() and similar do not reorder data
  • Bypass unicorn-engine/unicorn#1100 and unicorn-engine/unicorn#1170 requiring unstable package

- Python
Published by Arusekk about 6 years ago

pwntools - Release 4.1.0beta0

  • #1316 Fix connect shellcraft in python 3
  • #1323 Fix issues related with debugging
  • #1001 Enhance unlock_bootloader with better status messages
  • #1389 remove old dependencies
  • #1241 Launch QEMU with sysroot if specified
  • #1218 Support for FileStructure exploitation

- Python
Published by Arusekk about 6 years ago

pwntools - Release 4.0.0

  • Python 3 support! <3
  • #1402 Fix serialtube in python 3
  • #1391 Fix process.libs
  • #1317 Tubes with context.encoding
  • #1216 Improve format string generator
  • #1285 Add freebsd generic syscall templates
  • 76413f Add pwnlib.adb.bootimg for 'ANDROID!' format boot.img images
  • #1202 Docker: Kill 14 layers in pwntools base images
  • #1182 shellcraft.dupio() for mips

- Python
Published by Arusekk about 6 years ago

pwntools - Release 4.0.0beta0

  • Python 3 support! <3
  • #1317 Tubes with context.encoding
  • #1216 Improve format string generator
  • #1285 Add freebsd generic syscall templates
  • 76413f Add pwnlib.adb.bootimg for 'ANDROID!' format boot.img images
  • #1202 Docker: Kill 14 layers in pwntools base images
  • #1182 shellcraft.dupio() for mips

- Python
Published by Arusekk over 6 years ago

pwntools - Release 3.13.0

  • #1204 Reduce ROP cache filename length
  • #1175 Fix nested SSH connectors
  • #1355 Fix 'break' syscall
  • #1277 Fix timeout parameter passing in sendlineafter and other similar functions
  • #1292 Provide correct arch name to gdb for sparc64

- Python
Published by Arusekk over 6 years ago

pwntools - 3.12.1

  • #1198 More compatibility fixes for pyelftools==0.25, and pin Sphinx<1.8.0 since it causes testing errors
  • #1191 Fix compatibility with pyelftools==0.25
  • #1159 Fix check for /proc/.../status
  • #1162 Fix broken package versions
  • #1150 Fix exception raised when a cache file is missing
  • #1156 Fix ROP gadget selection logic involving int and syscall instructions
  • #1152 Fix QEMU LD_PREFIX calculation (wrong parameter passed)
  • #1155 Use Ubuntu Trusty for all CI builds
  • #1131 Add "libc-" to libc prefixes in process tubes
  • #1125 Fix a typo
  • #1121 Fix tests which were broken by an upstream Sphinx change

- Python
Published by zachriggle over 7 years ago

pwntools - 3.12.0

3.12.0

  • #1083 Better error messages for gdb when LD_PRELOAD is incorrect
  • #1085 Add support for extracting Android BOOTLDR! images
  • #1075 Add support for detecting GNU Screen for run_in_new_terminal
  • #1074 Add support for running pwntools-gdb wrapper script instead of gdb
  • #1067 Add pwnlib.tubes.server module, which adds a reusable server listener
  • #1063 Add support for labels in fit(), allowing dynamic contents to be injected. (This feature is really cool, check out the pull request!)

- Python
Published by TethysSvensson almost 8 years ago

pwntools - 3.11.0

3.11.0

  • #1044 Enhancements to ROP
    • Much better support for 64-bit Intel (amd64) ROP
    • ROP gadget selection is optimized to favor multi-pops instead of multiple single-pop gadgets
    • Added support for blacklisting byte values in ROP gadget addresses
  • #1049 Enhancements to cyclic
    • context now has two additional attributes, cyclic_alphabet and cyclic_length, which correspond to the arguments alphabet and n to cyclic() and cyclic_find() and related routines.
    • The motivation for this change is to allow setting the alphabet globally, so that any padding / patterns generated internally to pwntools can be controlled. The specific motivation is blacklisting values in ROP padding.
  • #1052 Enhancements for detecting QEMU_LD_PREFIX used by QEMU user-mode emulation for sysroots
  • #1035 Minor documentation changes
  • #1032 Enhancements to pwn template
  • #1031 More accurate Coredump.fault_addr on amd64
  • #1084 Fix broken tests due to ftp.debian.org going down
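The cyclic enhancements in #1049 above (context.cyclic_alphabet and cyclic_length, motivated by the #1044 byte blacklisting for ROP) and the later 64-bit fixes (#1616, #1981 cyclic_find() with large int values, #2062 pwn cyclic -l with entries larger than 4 bytes) all concern the same mechanism: a de Bruijn pattern in which every n-byte window is unique, so the bytes that land in a register at the crash identify the offset, and an alphabet that can be restricted so the padding never contains a blacklisted byte. The block below is an added example written for this page, not pwntools' cyclic()/cyclic_find() implementation; the padding_alphabet() helper and the limit parameter are this example's own.

```python
"""Cyclic (de Bruijn) pattern with a configurable alphabet and subsequence
length, and a finder for 4- or 8-byte crash values.  Added example written
for this page; it is not pwntools' cyclic()/cyclic_find() implementation."""
from itertools import islice
import string

DEFAULT_ALPHABET = string.ascii_lowercase.encode()


def de_bruijn(alphabet=DEFAULT_ALPHABET, n=4):
    """Lazily yield B(k, n) over `alphabet`: every length-n window is unique,
    so any n bytes read back from a crash map to exactly one offset."""
    k = len(alphabet)
    a = [0] * (k * n)

    def db(t, p):
        if t > n:
            if n % p == 0:
                for j in range(1, p + 1):
                    yield alphabet[a[j]]
        else:
            a[t] = a[t - p]
            yield from db(t + 1, p)
            for j in range(a[t - p] + 1, k):
                a[t] = j
                yield from db(t + 1, t)

    return db(1, 1)


def cyclic(length, alphabet=DEFAULT_ALPHABET, n=4):
    """First `length` bytes of the pattern (k**n bytes are available)."""
    data = bytes(islice(de_bruijn(alphabet, n), length))
    if len(data) < length:
        raise ValueError("pattern exhausted: %d symbols give only %d bytes at n=%d"
                         % (len(alphabet), len(alphabet) ** n, n))
    return data


def cyclic_find(value, alphabet=DEFAULT_ALPHABET, n=4, limit=1 << 20):
    """Offset of `value` in the pattern, or -1 if it is not in the first
    `limit` bytes.  `value` is bytes, or the integer read from a register or
    return address: it is unpacked little-endian as 4 or 8 bytes depending on
    its size, which is what makes 64-bit crash values work.  Only the first n
    bytes are needed to pin the position."""
    if isinstance(value, int):
        value = value.to_bytes(4 if value < (1 << 32) else 8, "little")
    if len(value) < n:
        raise ValueError("need at least %d bytes" % n)
    needle = bytes(value[:n])
    if any(c not in alphabet for c in needle):
        return -1
    window = bytearray()
    for i, c in enumerate(islice(de_bruijn(alphabet, n), limit)):
        window.append(c)
        if len(window) > n:
            del window[0]
        if window == needle:
            return i - n + 1
    return -1


def padding_alphabet(badchars, base=DEFAULT_ALPHABET):
    """Alphabet with the blacklisted bytes removed, so padding generated from
    it never contains them (e.g. a 0x0a that would end a gets() read)."""
    return bytes(c for c in base if c not in badchars)


if __name__ == "__main__":
    print(cyclic(20))                              # b'aaaabaaacaaadaaaeaaa'
    print(cyclic_find(0x6161616561616164))         # 8-byte RIP value -> 12
    alpha = padding_alphabet(b"a\n")               # 'a' and newline are bad
    print(cyclic(16, alpha), cyclic_find(b"cbbb", alpha))
```

For 64-bit targets it is worth generating with n=8 so that an 8-byte register holds a whole unique window rather than two adjacent 4-byte ones.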

- Python
Published by TethysSvensson about 8 years ago

pwntools - 3.10.0

3.10.0

  • #1007 Add support for setting a gdbinit file in the context
  • #1055 Fixes for Corefile stack parsing, speed up ELF.string()
  • #1057 Fix a variable name typo in DynELF logging which results in an exception being thrown
  • #1058 Fix an edge case in ssh_process.exe

- Python
Published by TethysSvensson over 8 years ago

pwntools - 3.9.2

3.9.2

  • #1043 Do not attempt to populate the libraries used by statically-linked binaries

- Python
Published by TethysSvensson over 8 years ago

pwntools - 3.9.1

3.9.1

  • #1038 Fix an issue with process() where glibc would buffer data internally, causing a hang on select()
  • #1036 Fix Travis CI logging verbosity
  • #1029 Fix some unicode issues when using the readline command history in tube.interactive()

- Python
Published by TethysSvensson over 8 years ago

pwntools - 3.9.0

3.9.0

  • #1003 Make concat_all faster while also simplifying its logic
  • #1014 Fix for overwritten env when parsing core file
  • #1023 Fixes to Travis CI

- Python
Published by TethysSvensson over 8 years ago

pwntools - 3.8.0

3.8.0

  • #981 Fixed RELRO detection logic
  • #986 Enhancements to DynELF for controlling usage of LibcDB
  • A few documentation fixes
  • A few fixes for the Docker image

- Python
Published by TethysSvensson over 8 years ago

pwntools - 3.7.1

3.7.1

  • #998 Fix a bug where integer values could not be set in .pwn.conf.

- Python
Published by TethysSvensson over 8 years ago

pwntools - 3.7.0

3.7.0

  • #933 DynELF works better with different base addresses
  • #952 A few small fixes were made to pwn template, and the CRC database was updated.
  • 5c72d62c Updated the CRC database

- Python
Published by TethysSvensson over 8 years ago

pwntools - 3.6.1

3.6.1

  • #979+1a4a1e1 Fixed #974, a bug related to the terminal handling and numlock.
  • #980 Fixed the pwn template command.

- Python
Published by TethysSvensson almost 9 years ago

pwntools - 3.6.0

3.6.0

  • #895 Added a Dockerfile to simplify testing setup and allow testing on OSX
  • #897 Fixed some incorrect AArch64 syscalls
  • #893 Added the pwnlib.config module
    • Configuration options can now be set in ~/.pwn.conf
    • This replaces the old, undocumented mechanism for changing logging colors. Only @br0ns and @ebeip90 were likely using this.
    • More information is available in the documentation.
  • #899 Pwntools now uses Unicorn Engine to emulate PLT instructions to ensure correct mapping of PIE / RELRO binaries.
  • #904 Enhancements to the accuracy of the pwn checksec command.
  • #905 Added a pwn debug command-line utility which automates the process of gdb.attach(process(...)) to spawn GDB
    • More information is available in the documentation.
  • #919 Added a pwn template command-line utility to simplify the process of bootstrapping a new exploit.
    • More information is available in the documentation.
  • #948 Fix unnecessary warning for Core files
  • #954 Fix list processing in ~/.pwn.conf
  • #967 Respect TERM_PROGRAM for run_in_new_terminal
  • #970 Fix overly-aggressive corefile caching

- Python
Published by TethysSvensson almost 9 years ago

pwntools - 3.5.1

3.5.1

  • #945 Speed up ssh via caching checksec results (fixes #944)
  • #950 Fixes a bug where setting context.arch does not have an effect on adb.compile() output architecture

- Python
Published by TethysSvensson almost 9 years ago

pwntools - 3.5.0

3.5.0

  • b584ca3 Fixed an issue running setup.py on ARM
  • #822 Enabled relative leaks with MemLeak
    • This should be useful for e.g. heap-relative leaks
  • #832 Changed all internal imports to use absolute imports (no functional changes)
  • a12d0b6 Move STDOUT, PIPE, PTY constants to globals
    • process(..., stdin=process.PTY) --> process(..., stdin=PTY)
  • #828 Use PR_SET_PTRACER for all process() and ssh.process() instances
    • This simplifies debugging on systems with YAMA ptrace enabled
  • Various documentation enhancements
    • In particular, the gdb, elf, and ssh docs are much better
  • #833 Performance enhancements for adb module
  • d0267f3 packing.fit() now treats large offsets as cyclic patterns (e.g. 0x61616161 behaves the same as "aaaa")
  • #835 Added ssh.checksec
    • Reports the kernel version and other relevant information on connection
  • #857 Slightly shortened execve shellcode
  • 300f8e0 Slightly speed up processing of large ELF files
  • #861 Adds support for extracting IKCONFIG configs from Linux kernel images, and extends checksec to report on any insecure configurations discovered
  • #871 Moves all of the basic syscall templates to shellcraft/common and exposes them via symlinks. Closed #685
    • Should not have any visible effects from any documented APIs
    • shellcraft.arch.os.syscall_function() still works the same
    • We now have the ability to differentiate between the connect syscall, and a TCP connect helper
  • #887 sh_string now returns a quoted empty string '' rather than just an empty string
  • #839 Exposes a huge amount of functionality via corefiles which was not previously available. See the docs for examples.
    • process().corefile will automatically instantiate a Corefile for the process
    • QEMU-emulated processes are supported
    • Native processes are supported, including extraction of coredumps from apport crash logs
    • Native processes can be dumped while running, in a manner similar to GDB's gcore script
  • #875 Added documentation (and tests) for AArch64 shellcode
  • #882 The ROP class now respects context.bytes instead of using the hard-coded value of 4 (fixed #879)
  • #869 Added several fields to the process class (uid, gid, suid, sgid) which are recorded at execution time, based on the file permissions
  • #868 Changed the way that ssh.process() works internally, and it now returns a more specialized class, ssh_process.
    • Added ssh_process.corefile for fetching remote corefiles
    • Added ssh_process.ELF for getting an ELF of the remote executable
    • The uid, gid, suid, and sgid are recorded at execution time, based on the file permissions
  • #865 Fixes ELF.read to support contiguous memory reads across non-contiguous file-backed segments
  • #862 Adds a symlink= argument to ssh.set_working_directory, which will automatically symlink all of the files in the "old" working directory into the "new" working directory

- Python
Published by TethysSvensson almost 9 years ago

pwntools - 3.4.1

3.4.1

  • #894 Fix a bug when using gdb.debug() over ssh.
  • e021f57 Fix a bug (#891) in rop when needing to insert padding to fix alignment

- Python
Published by TethysSvensson about 9 years ago

pwntools - 3.4.0

3.4.0

  • #800 Add shell= option to ssh.process()
  • #806 Add context.buffer_size for fine-tuning tube performance
    • Also adds buffer_fill_size= argument for all tubes
  • b83a6c7 Fix undocumented process.leak function
  • 546061e Modify coredump_filter of all spawned processes, so that core dumps are more complete
  • #809 Add several functions to adb (unlink, mkdir, makedirs, isdir, exists)
  • #817 Make disconnection detection more robust

- Python
Published by TethysSvensson about 9 years ago

pwntools - 3.3.4

3.3.4

  • #850 and #846 fix issues with hexdump and the phd command-line utility, when using pipes (e.g. echo foo | phd)
  • #852 Fixes register ordering in regsort
  • #853 Fixes the registers restored in shellcraft.amd64.popad

- Python
Published by TethysSvensson about 9 years ago

pwntools - 3.3.3

3.3.3

  • #843 fixed a bug in amd64.mov.

- Python
Published by TethysSvensson about 9 years ago

pwntools - 3.3.2

3.3.2

  • #840 Fixed a regression introduced by #837.

- Python
Published by TethysSvensson about 9 years ago

pwntools - 3.3.1

3.3.1

  • #833 Fixed a performance-impacting bug in the adb module.
  • #837 Fixed a bug (#836) causing hexdump(cyclic=True) to throw an exception.

- Python
Published by TethysSvensson about 9 years ago

pwntools - 3.3.0

3.3.0

  • b198ec8 Added tube.stream() function, which is like tube.interact() without a prompt or keyboard input.
    • Effectively, this is similar to cat file and just prints data as fast as it is received.
  • aec3fa6 Disable update checks against GitHub
    • These checks frequently broke due to GitHub query limits
  • #757 Fixed adb.wait_for_device() re-use of the same connection
  • f9133b1 Add a STDERR magic argument to make logging go to stderr instead of stdout
    • Usage is e.g. python foo.py STDERR or PWNLIB_STDERR=1 python foo.py
    • Also adds context.log_console to log to any file or terminal
  • 67e11a9 Add faster error checking to cyclic() when provided very large values
  • 5fda658 Expose BitPolynom in globals()
  • #765 Added -d option for hex-escaped output for shellcraft command-line tool
  • #772 Fixed bash completion regressions
  • 30c34b7 Fix ROP.call() with Function objects from ELF.functions
  • fa402ce Add adb.uptime and adb.boot_time
  • 82312ba Add cyclic_metasploit and cyclic_metasploit_find

- Python
Published by TethysSvensson about 9 years ago

pwntools - 3.2.1

3.2.1

Multiple bug fixes.

  • #783 Fix adb.uninstall typo
  • #787 Added error handling for ssh.process argument preexec_fn
  • #793 Fixed progress message in remote() when connections failed
  • #802 Fixed partition listing in adb.partitions, which accidentally shelled out to the adb binary
  • #804 Fix error message for 32-bit distributions
  • #805 Fix exception in Core.segments when a segment has no name
  • #811 Fixes and performance improvements for adb.wait_for_device()
  • #813 Fixed a release script
  • #814 Fixed exceptions thrown if the $HOME directory is not writable
  • #815 Properly handle None in MemLeak

- Python
Published by TethysSvensson about 9 years ago

pwntools - 3.2.0

  • #695 Fixed a performance regression in phd.
  • 452605e Fixed #629 related to correct removal of temporary files.
  • ea94ee4 Disallows semi-colons in the run_in_terminal function, since they did not work properly in all cases.
  • 6376d07 Added the mips shellcode pushstr_array.
  • #700 Added missing MIPS shellcode documentation to readthedocs, and enabled unit tests
  • #701 Command line tools refactored to have a common pwn entry point.
    • Added an option to not install the traditional asm, disasm, checksec, etc scripts
    • All existing tools can be accessed from the pwn command (e.g. pwn asm nop).
  • #704 The process object has a new, optional argument alarm for setting a SIGALRM timeout for processes.
  • #705 Added the Android Emulator to the test suite and Travis CI.
    • Android Emulator is now required for the full test suite
    • Android Emulator tests are skipped if no Android-related changes are detected
  • #711 DynELF has a new attribute, heap, which leaks the current brk address (heap base). This is useful for finding heap allocations with dlmalloc-derived allocators like those used by Glibc.
  • #717 sh_string was rewritten to emit more compact and compatible strings
    • This was achieved by embedding single-quoted non-printable literals
    • Much more testing was added
    • Emitted strings are no longer copy-paste compatible, but work fine with e.g. tubes module and the default subprocess module
  • #709 The adb module now directly talks to the adb server process via a new module, adb.protocol
    • Removes the need to shell out to adb
    • Avoids version-compatibility issues with adb server vs. client
  • #703 Added new methods to adb
    • install - Installs an APK
    • uninstall - Uninstalls a package
    • packages - Lists installed packages
  • 4893819 Modified shellcraft.sh on all platforms to provide argv[0] and set argc==1
    • This is needed for systems which have Busybox or other minimal shell for /bin/sh which does not behave well with argc==0 or argv[0]==NULL.
  • 1e414af Added connect() alias for remote()
    • For example, io=connect('google.com', 80)
    • This also works with tcp(...) and udp(...) aliases
  • 869ec42 Added ssh.read() and ssh.write() aliases
  • 2af55c9 AdbDevice objects exposed via e.g. adb.devices() now offer scoped access to all adb module properties
    • It is now possible to e.g. map(lambda d: d.process(['id']).recvall(), adb.devices())

- Python
Published by TethysSvensson over 9 years ago

pwntools - 3.1.1

3.1.1

Fixed a bug in MemLeak.struct (PR: #768).

- Python
Published by TethysSvensson over 9 years ago

pwntools - 3.1.0

3.1.0

A number of smaller bugfixes and documentation tweaks.

- Python
Published by TethysSvensson over 9 years ago

pwntools - 3.0.4

3.0.4 (September 19, 2016)

  • Fixed a bug that made 3.0.3 uninstallable (Issue: #751, PR: #752)

- Python
Published by TethysSvensson over 9 years ago

pwntools - 3.0.3

3.0.3 (September 18, 2016, broken release)

  • Fixed some performance and usability problems with the update system (Issues: #723, #724, #736. PRs: #729, #738, #747).
  • Fixed a bug related to internals in pyelftools (PRs: #730, #746).
  • Fixed an issue with travis (Issue: #741, PRs: #743, #744, #745).

- Python
Published by TethysSvensson over 9 years ago

pwntools - 3.0.1

3.0.1 (August 20 2016)

A small bugfix release. There were a lot of references to the master branch; however, after 3.0.0 we use the names stable, beta and dev for our branches.

- Python
Published by TethysSvensson over 9 years ago

pwntools - 3.0.2

3.0.2 (September 6, 2016)

  • Cherry-pick #695, as this was a regression-fix.
  • Added a fix for the update checker, as it would suggest prereleases as updates to stable releases.
  • Various documentation fixes.

- Python
Published by TethysSvensson over 9 years ago

pwntools - 3.0.0

3.0.0 (August 20 2016)

This was a large release (1305 commits since 2.2.0) with a lot of bugfixes and changes. The Binjitsu project, a fork of Pwntools, was merged back into Pwntools. As such, its features are now available here.

As always, the best source of information on specific features is the comprehensive docs at https://pwntools.readthedocs.org.

This list of changes is non-complete, but covers all of the significant changes which were appropriately documented.

Android

Android support via a new adb module, context.device, context.adb_host, and context.adb_port.

Assembly and Shellcode

  • Assembly module enhancements for making ELF modules from assembly or pre-assembled shellcode. See asm.make_elf and asm.make_elf_from_assembly.
  • asm and shellcraft command-line tools support flags for the new shellcode encoders
  • asm and shellcraft command-line tools support --debug flag for automatically launching GDB on the result
  • Added MIPS, PowerPC, and AArch64 support to the shellcraft module
  • Added Cyber Grand Challenge (CGC) support to the shellcraft module
  • Added syscall wrappers for every Linux syscall for all supported architectures to the shellcraft module
    • e.g. shellcraft.<arch>.gettimeofday
    • (e.g. shellcraft.i386.linux.)
  • Added in-memory ELF loaders for most supported architectures
    • Only supports statically-linked binaries
    • shellcraft.<arch>.linux.loader

Context Module

  • Added context.aslr which controls ASLR on launched processes. This works with both process() and ssh.process(), and can be specified per-process with the aslr= keyword argument.
  • Added context.binary which automatically sets all context variables from an ELF file.
  • Added context.device, context.adb, context.adb_port, and context.adb_host for connecting to Android devices.
  • Added context.kernel setting for SigReturn-Oriented-Programming (SROP).
  • Added context.log_file setting for sending logs to a file. This can be set with the LOG_FILE magic command-line option.
  • Added context.noptrace setting for disabling actions which require ptrace support. This is useful for turning all gdb.debug and gdb.attach options into no-ops, and can be set via the NOPTRACE magic command-line option.
  • Added context.proxy which hooks all connections and sends them to a SOCKS4/SOCKS5. This can be set via the PROXY magic command-line option.
  • Added context.randomize to control randomization of settings like XOR keys and register ordering (default off).
  • Added context.terminal for setting how to launch commands in a new terminal.

DynELF and MemLeak Module

  • Added a DynELF().libc property which attempts to find the remote libc and download the ELF from LibcDB.
  • Added a DynELF().stack property which leaks the __environ pointer from libc, making it easy to leak stack addresses.
  • Added MemLeak.String and MemLeak.NoNewlines and other related helpers for handling special leakers which cannot e.g. handle newlines in the leaked addresses and which leak a C string (e.g. auto-append a '\x00').
  • Enhancements for leaking speed via MemLeak.compare to avoid leaking an entire field if we can tell from a partial leak that it does not match what we are searching for.

Encoders Module

  • Added a pwnlib.encoders module for assembled-shellcode encoders/decoders
  • Includes position-independent basic XOR encoders
  • Includes position-independent delta encoders
  • Includes non-position-independent alphanumeric encoders for Intel
  • Includes position-independent alphanumeric encoders for ARM/Thumb

ELF Module

  • Added a Core object which can parse core-files, in order to extract / search for memory contents, and extract register states (e.g. Core('./corefile').eax).

Format Strings

  • Added a basic fmtstr module for assisting with Format String exploitation

GDB Module

  • Added support for debugging Android devices when context.os=='android'
  • Added helpers for debugging shellcode snippets with gdb.debug_assembly() and gdb.debug_shellcode()

ROP Module

  • Added support for SigReturn via pwnlib.rop.srop
    • Occurs automatically when syscalls are invoked and a function cannot be found
    • SigReturn frames can be constructed manually with SigreturnFrame() objects
  • Added functional doctests for ROP and SROP

Tubes Process Module

  • process() has many new options, check out the documentation
    • aslr controls ASLR
    • setuid can disable the effect of setuid, allowing core dumps (useful for extracting crash state via the new Core() object)
    • TTY echo and control characters can be enabled via raw argument
  • stdout and stderr are now PTYs by default
    • stdin can be set to a PTY also via setting stdin=process.PTY

Tubes SSH Module

  • Massive enhancements all over
  • ssh objects now have a ssh.process() method which avoids the need to handle shell expansion via the old ssh.run() method
  • Files are downloaded via SFTP if available
  • New download and upload methods auto-detect whether the target is a file or directory and act accordingly
  • Added listen() method alias for listen_remote()
  • Added remote() method alias for connect_remote()

Utilities

  • Added fit() method to combine the functionality of flat() with the functionality of cyclic()
  • Added negative() method to negate the value of an integer via two's complement, with respect to the current integer size (context.bytes).
  • Added xor_key() method to generate an XOR key which avoids undesirable bytes over a given input.
  • Added a multi-threaded bruteforce() implementation, mbruteforce().
  • Added dealarm_shell() helper to remove the effects of alarm() after you've popped a shell.
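As an added example, not code from the pwntools project, the block below is a simplified reimplementation of the negative() and xor_key() helpers listed above, written so their semantics can be checked offline without the library. The function names, signatures, the word_bytes parameter (standing in for context.bytes) and the sample input are all assumptions modelled on the descriptions in this list.

```python
# Added example, not pwntools' own code: a simplified reimplementation of the
# negative() and xor_key() helpers described in the 3.0.0 release notes.
# Function names and signatures are assumptions modelled on the changelog
# wording; `word_bytes` stands in for the context.bytes setting.
from typing import Optional, Tuple


def negative(value: int, word_bytes: int = 4) -> int:
    """Two's-complement negation of `value` inside a word of `word_bytes` bytes.

    Returns the unsigned bit pattern a register of that width would hold after
    negation, e.g. negative(1, 4) == 0xffffffff.
    """
    mask = (1 << (8 * word_bytes)) - 1
    return (-value) & mask


def xor_key(data: bytes, avoid: bytes = b"\x00\n", size: int = 1
            ) -> Optional[Tuple[bytes, bytes]]:
    """Find a `size`-byte key such that neither the key nor data XOR key
    (key repeated cyclically) contains any byte from `avoid`.

    Each key position only ever meets the data bytes at the same offset
    modulo `size`, so the positions can be solved independently; the search
    costs at most 256 * len(data) XORs rather than 256 ** size.
    Returns (key, encoded), or None when no such key exists.
    """
    bad = set(avoid)
    key = bytearray()
    for pos in range(size):
        lane = data[pos::size]          # the data bytes this key byte will touch
        for k in range(256):
            if k in bad:
                continue
            if all((d ^ k) not in bad for d in lane):
                key.append(k)
                break
        else:
            return None                 # no candidate survives for this lane
    encoded = bytes(d ^ key[i % size] for i, d in enumerate(data))
    return bytes(key), encoded


def xor_decode(encoded: bytes, key: bytes) -> bytes:
    """Inverse of the encoding step: XOR with the same cyclic key."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(encoded))


if __name__ == "__main__":
    # Constructed sample: a short byte string containing NUL and newline,
    # the two bytes the default `avoid` set excludes.
    sample = b"\x00\x01\n\xff"
    result = xor_key(sample)
    assert result is not None
    key, encoded = result
    print("key", key.hex(), "encoded", encoded.hex())
    assert xor_decode(encoded, key) == sample
    print("negative(1, 4) =", hex(negative(1, 4)))
```

The per-lane search is what makes multi-byte keys cheap; it also makes the failure mode explicit: when some lane of the input already contains every byte value, no single key byte can keep the whole lane out of `avoid`, and the function returns None instead of a key that silently violates the constraint.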

- Python
Published by TethysSvensson over 9 years ago

pwntools - 2.2.0

- Python
Published by br0ns about 11 years ago

pwntools - 2.1.3

- Python
Published by TethysSvensson over 11 years ago