PwnTools

Jifunze na fanya mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Jifunze na fanya mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Angalia mpango wa usajili!
Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au tufuatilie kwenye Twitter 🐦 @hacktricks_live.
Shiriki mbinu za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.

pip3 install pwntools

Pwn asm

Pata opcodes kutoka kwa mstari au faili.

pwn asm "jmp esp"
pwn asm -i <filepath>

Inaweza kuchaguliwa:

aina ya pato (raw,hex,string,elf)
muktadha wa faili la pato (16,32,64,linux,windows...)
epuka byte (mistari mipya, null, orodha)
chagua encoder debug shellcode ukitumia gdb endesha pato

Pwn checksec

Script ya checksec

pwn checksec <executable>

Pwn constgrep

Pwn cyclic

Pata muundo

pwn cyclic 3000
pwn cyclic -l faad

Inaweza kuchaguliwa:

Alfabeti inayotumika (herufi ndogo kwa chaguo-msingi)
Urefu wa muundo wa kipekee (chaguo-msingi 4)
muktadha (16,32,64,linux,windows...)
Chukua ofseti (-l)

Pwn debug

Unganisha GDB na mchakato

pwn debug --exec /bin/bash
pwn debug --pid 1234
pwn debug --process bash

Inaweza kuchaguliwa:

Kwa executable, kwa jina au kwa muktadha wa pid (16,32,64,linux,windows...)
gdbscript ya kutekeleza
sysrootpath

Pwn disablenx

Zima nx ya binary

pwn disablenx <filepath>

Pwn disasm

Disas hex opcodes

pwn disasm ffe4

Inaweza kuchaguliwa:

muktadha (16,32,64,linux,windows...)
anwani ya msingi
rangi (ya kawaida)/hakuna rangi

Pwn elfdiff

Chapisha tofauti kati ya faili 2

pwn elfdiff <file1> <file2>

Pwn hex

Pata uwakilishi wa hexadecimal

pwn hex hola #Get hex of "hola" ascii

Pwn phd

Pata hexdump

pwn phd <file>

Inaweza kuchaguliwa:

Idadi ya bytes za kuonyesha
Idadi ya bytes kwa kila mstari wa kuangazia byte
Kosa bytes mwanzoni

Pwn pwnstrip

Pwn scrable

Pwn shellcraft

Pata shellcodes

pwn shellcraft -l #List shellcodes
pwn shellcraft -l amd #Shellcode with amd in the name
pwn shellcraft -f hex amd64.linux.sh #Create in C and run
pwn shellcraft -r amd64.linux.sh #Run to test. Get shell
pwn shellcraft .r amd64.linux.bindsh 9095 #Bind SH to port

Inaweza kuchaguliwa:

shellcode na hoja za shellcode
Faili ya nje
muundo wa pato
debug (unganishi dbg kwa shellcode)
kabla (trap ya debug kabla ya msimbo)
baada
epuka kutumia opcodes (default: si null na mstari mpya)
Endesha shellcode
Rangi/hakuna rangi
orodhesha syscalls
orodhesha shellcodes zinazowezekana
Unda ELF kama maktaba ya pamoja

Pwn template

Pata kiolezo cha python

pwn template

Inaweza kuchaguliwa: mwenyeji, bandari, mtumiaji, pass, njia na kimya

Pwn unhex

Kutoka hex hadi string

pwn unhex 686f6c61

Pwn update

Ili kusasisha pwntools

pwn update

Support HackTricks

Angalia mpango wa usajili!
Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au tufuatilie kwenye Twitter 🐦 @hacktricks_live.
Shiriki hila za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.

PreviousExploiting Tools NextStack Overflow

Last updated 4 days ago

Pwn shellcraft

Pata shellcodes

pwn shellcraft -l #List shellcodes
pwn shellcraft -l amd #Shellcode with amd in the name
pwn shellcraft -f hex amd64.linux.sh #Create in C and run
pwn shellcraft -r amd64.linux.sh #Run to test. Get shell
pwn shellcraft .r amd64.linux.bindsh 9095 #Bind SH to port

Inaweza kuchaguliwa:

shellcode na hoja za shellcode

Faili ya nje

muundo wa pato

debug (unganishi dbg kwa shellcode)

kabla (trap ya debug kabla ya msimbo)

baada

epuka kutumia opcodes (default: si null na mstari mpya)

Endesha shellcode

Rangi/hakuna rangi

orodhesha syscalls

orodhesha shellcodes zinazowezekana

Unda ELF kama maktaba ya pamoja