Merge branch 'beta' into dev

peace-maker · peace-maker · commit b2d56fa37c5e · 2024-12-10T21:17:16.000+01:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -145,6 +145,12 @@ The table below shows which release corresponds to each branch, and what date th
 [2435]: https://github.com/Gallopsled/pwntools/pull/2435
 [2437]: https://github.com/Gallopsled/pwntools/pull/2437
 
+## 4.13.2
+
+- [#2497][2497] Fix remote.fromsocket() to handle AF_INET6 socket
+
+[2497]: https://github.com/Gallopsled/pwntools/pull/2497
+
 ## 4.13.1 (`stable`)
 
 - [#2445][2445] Fix parsing the PLT on Windows
diff --git a/pwnlib/gdb.py b/pwnlib/gdb.py
@@ -195,7 +195,7 @@ def debug_assembly(asm, gdbscript=None, vma=None, api=False):
 
     >>> assembly = shellcraft.echo("Hello world!\n")
     >>> io = gdb.debug_assembly(assembly)
-    >>> io.recvline(timeout=1)
+    >>> io.recvline()
     b'Hello world!\n'
     """
     tmp_elf = make_elf_from_assembly(asm, vma=vma, extract=False)
@@ -230,7 +230,7 @@ def debug_shellcode(data, gdbscript=None, vma=None, api=False):
     >>> assembly = shellcraft.echo("Hello world!\n")
     >>> shellcode = asm(assembly)
     >>> io = gdb.debug_shellcode(shellcode)
-    >>> io.recvline(timeout=1)
+    >>> io.recvline()
     b'Hello world!\n'
     """
     if isinstance(data, six.text_type):
@@ -490,12 +490,12 @@ def debug(args, gdbscript=None, gdb_args=None, exe=None, ssh=None, env=None, por
         Send a command to Bash
 
         >>> io.sendline(b"echo hello")
-        >>> io.recvline(timeout=30)
+        >>> io.recvline()
         b'hello\n'
 
         Interact with the process
 
-        >>> io.interactive(timeout=1) # doctest: +SKIP
+        >>> io.interactive() # doctest: +SKIP
         >>> io.close()
 
         Create a new process, and stop it at '_start'
@@ -514,7 +514,7 @@ def debug(args, gdbscript=None, gdb_args=None, exe=None, ssh=None, env=None, por
         Send a command to Bash
 
         >>> io.sendline(b"echo hello")
-        >>> io.recvline(timeout=10)
+        >>> io.recvline()
         b'hello\n'
 
         Interact with the process
@@ -526,19 +526,19 @@ def debug(args, gdbscript=None, gdb_args=None, exe=None, ssh=None, env=None, por
 
         >>> io = gdb.debug(args=[b'\xde\xad\xbe\xef'], gdbscript='continue', exe="/bin/sh")
         >>> io.sendline(b"echo $0")
-        >>> io.recvline(timeout=10)
+        >>> io.recvline()
         b'\xde\xad\xbe\xef\n'
         >>> io.close()
 
         Demonstrate that LD_PRELOAD is respected
 
         >>> io = process(["grep", "libc.so.6", "/proc/self/maps"])
-        >>> real_libc_path = io.recvline(timeout=1).split()[-1]
+        >>> real_libc_path = io.recvline().split()[-1]
         >>> io.close()
         >>> import shutil
         >>> local_path = shutil.copy(real_libc_path, "./local-libc.so") # make a copy of libc to demonstrate that it is loaded
         >>> io = gdb.debug(["grep", "local-libc.so", "/proc/self/maps"], gdbscript="continue", env={"LD_PRELOAD": "./local-libc.so"})
-        >>> io.recvline(timeout=1).split()[-1] # doctest: +ELLIPSIS
+        >>> io.recvline().split()[-1] # doctest: +ELLIPSIS
         b'.../local-libc.so'
         >>> io.close()
         >>> os.remove("./local-libc.so") # cleanup
@@ -572,15 +572,15 @@ def debug(args, gdbscript=None, gdb_args=None, exe=None, ssh=None, env=None, por
 
         >>> io = gdb.debug(args=[b'\xde\xad\xbe\xef'], gdbscript='continue', exe="/bin/sh", ssh=shell)
         >>> io.sendline(b"echo $0")
-        >>> io.recvline(timeout=10)
+        >>> io.recvline()
         b'$ \xde\xad\xbe\xef\n'
         >>> io.close()
 
         Using an empty args[0] on a remote process
 
         >>> io = gdb.debug(args=[], gdbscript='continue', exe="/bin/sh", ssh=shell)
         >>> io.sendline(b"echo $0")
-        >>> io.recvline(timeout=10)
+        >>> io.recvline()
         b'$ \n'
         >>> io.close()
 
@@ -620,12 +620,12 @@ def debug(args, gdbscript=None, gdb_args=None, exe=None, ssh=None, env=None, por
         Resume the program
 
         >>> io.gdb.continue_nowait()
-        >>> io.recvline(timeout=1)
+        >>> io.recvline()
         b'foo\n'
         >>> io.close()
 
         >>> ssh_io.gdb.continue_nowait()
-        >>> ssh_io.recvline(timeout=1)
+        >>> ssh_io.recvline()
         b'foo\n'
         >>> ssh_io.close()
         >>> shell.close()
@@ -980,7 +980,7 @@ def attach(target, gdbscript = '', exe = None, gdb_args = None, ssh = None, sysr
         ... detach
         ... quit
         ... ''')
-        >>> io.recvline(timeout=10)
+        >>> io.recvline()
         b'Hello from process debugger!\n'
         >>> io.sendline(b'echo Hello from bash && exit')
         >>> io.recvall()
@@ -1007,7 +1007,7 @@ def attach(target, gdbscript = '', exe = None, gdb_args = None, ssh = None, sysr
 
             Observe the forced line
 
-            >>> io.recvline(timeout=1)
+            >>> io.recvline()
             b'Hello from process debugger!\n'
 
             Interact with the program in a regular way
@@ -1031,7 +1031,7 @@ def attach(target, gdbscript = '', exe = None, gdb_args = None, ssh = None, sysr
         ... detach
         ... quit
         ... ''')
-        >>> io.recvline(timeout=10)
+        >>> io.recvline()
         b'Hello from remote debugger!\n'
         >>> io.sendline(b'echo Hello from bash && exit')
         >>> io.recvall()
@@ -1074,7 +1074,7 @@ def attach(target, gdbscript = '', exe = None, gdb_args = None, ssh = None, sysr
         >>> io.recvline(timeout=5)  # doctest: +SKIP
         b'Hello from ssh debugger!\n'
         >>> io.sendline(b'This will be echoed back')
-        >>> io.recvline(timeout=1)
+        >>> io.recvline()
         b'This will be echoed back\n'
         >>> io.close()
     """
diff --git a/pwnlib/tubes/remote.py b/pwnlib/tubes/remote.py
@@ -53,6 +53,13 @@ class remote(sock):
         >>> r = remote.fromsocket(s)
         >>> r.recvn(4)
         b'HTTP'
+        >>> s = socket.socket(socket.AF_INET6, socket.SOCK_STREAM) #doctest: +SKIP
+        >>> s.connect(('2606:4700:4700::1111', 80)) #doctest: +SKIP
+        >>> s.send(b'GET ' + b'\r\n'*2) #doctest: +SKIP
+        8
+        >>> r = remote.fromsocket(s) #doctest: +SKIP
+        >>> r.recvn(4) #doctest: +SKIP
+        b'HTTP'
     """
 
     def __init__(self, host, port,
@@ -141,7 +148,7 @@ def fromsocket(cls, socket):
             Instance of pwnlib.tubes.remote.remote.
         """
         s = socket
-        host, port = s.getpeername()
+        host, port = s.getpeername()[:2]
         return remote(host, port, fam=s.family, typ=s.type, sock=s)
 
 class tcp(remote):
