Pwntools Versions Save

What's Changed

• Term module revamp: activating special handling of terminal only when necessary by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2242
• Detect challenge binary and libc in pwn template by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2309
• Add support to start a process on Windows by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2310
• Add basic darwin support for shellcrafter by @patryk4815 in https://github.com/Gallopsled/pwntools/pull/2161
• Explicitly define p64/u64 functions for IDE support by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2189
• Add ELF.stripped and ELF.debuginfo properties by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2336
• Fix: Allow setting attributes on gdb Breakpoints by @Nils1729 in https://github.com/Gallopsled/pwntools/pull/2339
• Fix gdb.debug: exe parameter now respected, allow empty argv by @goreil in https://github.com/Gallopsled/pwntools/pull/2233
• Fix getting right amount of data for ELF.search by @gordiig in https://github.com/Gallopsled/pwntools/pull/2281
• Add x86 CET status to checksec output by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2293
• elf: Resolve more relocations into GOT entries by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2277
• rop: Make stack move faster by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2300
• Fix Python 3.12 warning in pwn libcdb by @xambroz in https://github.com/Gallopsled/pwntools/pull/2302
• Remove unnecessary python2 shebangs by @xambroz in https://github.com/Gallopsled/pwntools/pull/2301
• Allow to add to the existing environment in process instead of replacing it by @heapcrash in https://github.com/Gallopsled/pwntools/pull/1763
• Allow to add to the existing environment in ssh instead of replacing it by @heapcrash in https://github.com/Gallopsled/pwntools/pull/1764
• Fix pwn libcdb file crashing if "/bin/sh" string was not found by @xambroz in https://github.com/Gallopsled/pwntools/pull/2307
• Fix support for amd64 x32 ABI by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2305
• Nicer error when running tmux exploit outside tmux by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2314
• Bump unicorn dependency to >=2.0.1 by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2315
• Make sure winexec is 16 byte aligned and add nCmdShow option by @kizzx2 in https://github.com/Gallopsled/pwntools/pull/2308
• elf/corefile: Clean up pyelftools workarounds by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2319
• Make pwn template always set context.binary by @FlorianKothmeier in https://github.com/Gallopsled/pwntools/pull/2279
• Add timeout to gdbserver by @Ordoviz in https://github.com/Gallopsled/pwntools/pull/2321
• Fix unhex for odd length bytes by @vsyl in https://github.com/Gallopsled/pwntools/pull/2333
• Speed up pwn disasm with colored output by @vsyl in https://github.com/Gallopsled/pwntools/pull/2334
• Lookup using $PATHEXT file extensions in which on Windows by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2328
• fix: follow symlink for libs on ssh connection by @teddav in https://github.com/Gallopsled/pwntools/pull/2338
• Make sure TERM_PROGRAM points to a valid program in run_in_new_terminal by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2329
• Retry failed lookups after one week in libcdb by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2323
• Match against local system libc first in libcdb by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2325
• checksec.py: import ELF instead of * by @disconnect3d in https://github.com/Gallopsled/pwntools/pull/2346
• Fix pwn constgrep when it matches a non-constant type (Fixes #2344) by @disconnect3d in https://github.com/Gallopsled/pwntools/pull/2345
• Launch GDB correctly in iTerm on Mac by @teddav in https://github.com/Gallopsled/pwntools/pull/2341
• Improved DynELF address resolutions and symbol lookups by @Bl4ck-C4t in https://github.com/Gallopsled/pwntools/pull/2335
• Add a flatten argument to ssh.libs by @ValekoZ in https://github.com/Gallopsled/pwntools/pull/2268
• Fix Unicorn Engine 1GB limit that calls exit: raise OSError instead (Fixes #2343) by @disconnect3d in https://github.com/Gallopsled/pwntools/pull/2347

New Contributors

• @gordiig made their first contribution in https://github.com/Gallopsled/pwntools/pull/2281
• @xambroz made their first contribution in https://github.com/Gallopsled/pwntools/pull/2302
• @kizzx2 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2308
• @FlorianKothmeier made their first contribution in https://github.com/Gallopsled/pwntools/pull/2279
• @Ordoviz made their first contribution in https://github.com/Gallopsled/pwntools/pull/2321
• @vsyl made their first contribution in https://github.com/Gallopsled/pwntools/pull/2333
• @teddav made their first contribution in https://github.com/Gallopsled/pwntools/pull/2338
• @Nils1729 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2339
• @patryk4815 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2161
• @Bl4ck-C4t made their first contribution in https://github.com/Gallopsled/pwntools/pull/2335
• @ValekoZ made their first contribution in https://github.com/Gallopsled/pwntools/pull/2268

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.12.0...4.13.0beta0

What's Changed

• Add --libc libc.so argument to pwn template by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2212
• Add -p (--prefix) and -s (--separator) arguments to hex command by @marcan2020 in https://github.com/Gallopsled/pwntools/pull/2117
• Allow creating custom templates in user-config directory by @hweissi in https://github.com/Gallopsled/pwntools/pull/2257
• Allow empty argv in ssh.process() (#2217) by @goreil in https://github.com/Gallopsled/pwntools/pull/2234
• Add shellcraft.sleep template wrapping SYS_nanosleep by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2221
• shellcraft: more explicit sleep.asm docstring by @disconnect3d in https://github.com/Gallopsled/pwntools/pull/2226
• Allow ELF.search(str) by @zt20xx in https://github.com/Gallopsled/pwntools/pull/2211
• Fix format string badbytes inconsistency by @Arusekk in https://github.com/Gallopsled/pwntools/pull/1895
• Fix passing arguments on the stack in shellcraft syscall template by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2219
• Fix remote and listen in sagemath by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2202
• Don't change log level for Corefile._parse_stack() by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2222
• Fix crash in serialtube when connection fails by @fercevik729 in https://github.com/Gallopsled/pwntools/pull/2228
• Use command -v instead of which by @whokilleddb in https://github.com/Gallopsled/pwntools/pull/1946
• py2: fix long hex in shellcraft etc. by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2230
• shellcraft/i386: optimize stackhunter by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2231
• shellcraft/*/freebsd: match linux in switching cs by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2232
• Replace isSet with is_set as the former is deprecated in 3.10+ by @maple3142 in https://github.com/Gallopsled/pwntools/pull/2208
• Added MAP_ADD opcode to list of opcodes in safeeval.py by @fercevik729 in https://github.com/Gallopsled/pwntools/pull/2243
• Do not overwrite global bytes in examples by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2240
• Decoded data from recv_all in adb.packages to a string by @fercevik729 in https://github.com/Gallopsled/pwntools/pull/2237
• Remove unused and broken rop.find_stack_adjustment by @fercevik729 in https://github.com/Gallopsled/pwntools/pull/2249
• Rename wd parameter to cwd in ssh.system and ssh.run_to_end by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2251
• Fix readline omitting a trailing \n by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2349
• Add RETURN_CONST as an allowed _const_code in safeeval for Python 3.12 compatibility by @erikleffler in https://github.com/Gallopsled/pwntools/pull/2352
• Change temp path in install script by @Young-Lord in https://github.com/Gallopsled/pwntools/pull/2097
• Publish Docker images through CI by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2236
• ci: stabilize coverage by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2235
• Keep Github Actions up-to-date with Dependabot by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2238

New Contributors

• @marcan2020 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2117
• @maple3142 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2208
• @zt20xx made their first contribution in https://github.com/Gallopsled/pwntools/pull/2211
• @fercevik729 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2228
• @whokilleddb made their first contribution in https://github.com/Gallopsled/pwntools/pull/1946
• @hweissi made their first contribution in https://github.com/Gallopsled/pwntools/pull/2257
• @erikleffler made their first contribution in https://github.com/Gallopsled/pwntools/pull/2352

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.11.1...4.12.0

What's Changed

• Fix _countdown_handler not invoking timeout_change; Fix value is valu… by @TanixLu in https://github.com/Gallopsled/pwntools/pull/2287
• Fix tube.clean_and_log not logging buffered data by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2272
• FIX: Generated shebang with path to python invalid if path contains spaces by @ksshen0000 in https://github.com/Gallopsled/pwntools/pull/2285
• shellcraft.aarch64: Fix atexit SEGV in loader by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2294
• Python 2: Fix installing from source by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2298

New Contributors

• @TanixLu made their first contribution in https://github.com/Gallopsled/pwntools/pull/2287
• @ksshen0000 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2285

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.12.0beta0...4.12.0beta1

What's Changed

• Fix _countdown_handler not invoking timeout_change; Fix value is valu… by @TanixLu in https://github.com/Gallopsled/pwntools/pull/2287
• Fix tube.clean_and_log not logging buffered data by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2272
• FIX: Generated shebang with path to python invalid if path contains spaces by @ksshen0000 in https://github.com/Gallopsled/pwntools/pull/2285
• shellcraft.aarch64: Fix atexit SEGV in loader by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2294
• Python 2: Fix installing from source by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2298

New Contributors

• @TanixLu made their first contribution in https://github.com/Gallopsled/pwntools/pull/2287
• @ksshen0000 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2285

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.11.0...4.11.1

What's Changed

• Add --libc libc.so argument to pwn template by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2212
• Add -p (--prefix) and -s (--separator) arguments to hex command by @marcan2020 in https://github.com/Gallopsled/pwntools/pull/2117
• Add shellcraft.sleep template wrapping SYS_nanosleep by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2221
• Allow creating custom templates in user-config directory and using pwn template --template <path> by @hweissi in https://github.com/Gallopsled/pwntools/pull/2257
• Allow empty argv in ssh.process() (#2217) by @goreil in https://github.com/Gallopsled/pwntools/pull/2234
• Fix remote and listen in sagemath by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2202
• Replace isSet with is_set as the former is deprecated in 3.10+ by @maple3142 in https://github.com/Gallopsled/pwntools/pull/2208
• Convert ELF.search needle to bytes by @zt20xx in https://github.com/Gallopsled/pwntools/pull/2211
• shellcraft/i386: optimize stackhunter by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2231
• shellcraft/*/freebsd: match linux in switching cs by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2232
• Fix passing arguments on the stack in shellcraft syscall template by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2219
• Resolved issue #1411 abt serial-tube misbehaving. by @fercevik729 in https://github.com/Gallopsled/pwntools/pull/2228
• Fix format string badbytes inconsistency by @Arusekk in https://github.com/Gallopsled/pwntools/pull/1895
• Change temp path in install script by @Young-Lord in https://github.com/Gallopsled/pwntools/pull/2097
• Remove Travis CI Badge from README by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2220
• Don't change log level for Corefile._parse_stack() by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2222
• Fix Python 2 editable user install by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2224
• shellcraft: more explicit sleep.asm docstring by @disconnect3d in https://github.com/Gallopsled/pwntools/pull/2226
• Use command -v instead of which by @whokilleddb in https://github.com/Gallopsled/pwntools/pull/1946
• py2: fix long hex in shellcraft etc. by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2230
• Publish Docker images through CI by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2236
• ci: stabilize coverage by @Arusekk in https://github.com/Gallopsled/pwntools/pull/2235
• Added MAP_ADD opcode to list of opcodes in safeeval.py by @fercevik729 in https://github.com/Gallopsled/pwntools/pull/2243
• Do not overwrite global bytes in examples by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2240
• Decoded data from recv_all in adb.packages to a string by @fercevik729 in https://github.com/Gallopsled/pwntools/pull/2237
• Keep Github Actions up-to-date with Dependabot by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2238
• Fix pushing docker images on manual workflow run by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2250
• Remove unused and broken rop.find_stack_adjustment by @fercevik729 in https://github.com/Gallopsled/pwntools/pull/2249
• Only run docker workflow on upstream repo by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2252
• Rename wd parameter to cwd in ssh.system and ssh.run_to_end by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2251

New Contributors

• @marcan2020 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2117
• @maple3142 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2208
• @zt20xx made their first contribution in https://github.com/Gallopsled/pwntools/pull/2211
• @fercevik729 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2228
• @whokilleddb made their first contribution in https://github.com/Gallopsled/pwntools/pull/1946
• @hweissi made their first contribution in https://github.com/Gallopsled/pwntools/pull/2257

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.11.0...4.12.0beta0

What's Changed

• Make fmtstr module able to create payload without $ notation by @murph12F in https://github.com/Gallopsled/pwntools/pull/2185
• Add search for libc binary by leaked function addresses by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2103
• Support for RISC-V 64-bit architecture by @Xeonacid in https://github.com/Gallopsled/pwntools/pull/2177
• ELF.nx and ELF.execstack enhancements by @yuvalpoliti in https://github.com/Gallopsled/pwntools/pull/2186
• Handle context.newline correctly in tube.interactive() by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2129
• Fix bug at ssh.py:download and download_file with relative paths by @goreil in https://github.com/Gallopsled/pwntools/pull/2214
• Fix ssh.process not setting ssh_process.cwd by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2241
• Fix corefile module after pyelftools update by @peace-maker in https://github.com/Gallopsled/pwntools/pull/2261
• Lots of bug fixes and documentation improvements

New Contributors

• @Jusb3 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2152
• @nathan9991 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2157
• @dfyz made their first contribution in https://github.com/Gallopsled/pwntools/pull/2167
• @Minei3oat made their first contribution in https://github.com/Gallopsled/pwntools/pull/2163
• @murph12F made their first contribution in https://github.com/Gallopsled/pwntools/pull/2185
• @ElouanFiore made their first contribution in https://github.com/Gallopsled/pwntools/pull/2192
• @yuvalpoliti made their first contribution in https://github.com/Gallopsled/pwntools/pull/2186
• @jamestiotio made their first contribution in https://github.com/Gallopsled/pwntools/pull/2174
• @Jakub259 made their first contribution in https://github.com/Gallopsled/pwntools/pull/2158

Full Changelog: https://github.com/Gallopsled/pwntools/compare/4.10.0...4.11.0

• #2185 make fmtstr module able to create payload without $ notation
• #2103 Add search for libc binary by leaked function addresses libcdb.search_by_symbol_offsets()
• #2177 Support for RISC-V 64-bit architecture
• #2186 Enhance ELF.nx and ELF.execstack
• #2129 Handle context.newline correctly when typing in tube.interactive()

In memoriam — Zach Riggle — long time contributor and maintainer of Pwntools.

• #2062 make pwn cyclic -l work with entry larger than 4 bytes
• #2092 shellcraft: dup() is now called dupio() consistently across all supported arches
• #2093 setresuid() in shellcraft uses current euid by default
• #2125 Allow tube.recvregex to return capture groups
• #2144 Removes p2align 2 asm() headers from x86-32, x86-64 and mips architectures to avoid inconsistent instruction length when patching binaries

• #2062 make pwn cyclic -l work with entry larger than 4 bytes
• #2092 shellcraft: dup() is now called dupio() consistently across all supported arches
• #2093 setresuid() in shellcraft uses current euid by default
• #2125 Allow tube.recvregex to return capture groups
• #2144 Removes p2align 2 asm() headers from x86-32, x86-64 and mips architectures to avoid inconsistent instruction length when patching binaries

• #1975 Add libcdb commandline tool
• #1979 Add js_escape() and js_unescape() to util.fiddling
• #2011 Fix tube's debug output of same byte compression
• #2023 Support KDE Konsole in run_in_new_terminal function
• #2027 Fix ELF.libc_start_main_return with glibc 2.34
• #2033 Quote file and core path in generated GDB script
• #2035 Change Buffer's parent class to object
• #2037 Allow SSH tunnel to be treated like a TCP socket (with 'raw=True')
• #2123 Fix ROP without a writeable cache directory
• #2124 Fix tube.recvpred() timeout argument