Incorrect/weird offsets with Fmtstr()/fmtstr_payload() #2532

Closed
wants to merge 68 commits into from

68 commits
734cb3b
Begin working on 4.15.0
peace-maker Aug 12, 2024
67678c2
Cache output of `asm()` (#2358)
peace-maker Aug 12, 2024
df620d7
darwin: generate syscalls sdk 15.1 (#2448)
patryk4815 Aug 25, 2024
d7817a7
Nicely handle non ELF files in checksec (#2457)
tesuji Sep 11, 2024
bc453b4
Merge branch 'beta' into dev
peace-maker Sep 25, 2024
3727c93
Add ELF.close() to release resources (#2444)
peace-maker Sep 26, 2024
cdfd64f
Install pwntools on Windows and import it once (#2450)
peace-maker Sep 26, 2024
785ed9f
Properly close spawned kitty window (#2471)
k4lizen Sep 27, 2024
ee63072
libcdb: improve the search speed of `search_by_symbol_offsets` (#2413)
the-soloist Sep 28, 2024
907e921
Merge branch 'beta' into dev
peace-maker Sep 29, 2024
69ab205
Fix collecting coverage in CI (#2477)
peace-maker Sep 29, 2024
fa5a288
Fix waiting for gdb under WSL2 (#2470)
peace-maker Sep 29, 2024
d664bb4
Merge branch 'beta' into dev
peace-maker Sep 29, 2024
b08f4b7
redirect kitty kill command stderr to /dev/null (#2472)
k4lizen Oct 1, 2024
9f92ed0
Fix docs of ELF.{libs,maps}
peace-maker Oct 3, 2024
cfc021d
Extract libraries from Docker image (#2479)
lcian Oct 7, 2024
c68c00c
Merge branch 'beta' into dev
peace-maker Oct 12, 2024
34da249
Bump Ubuntu versions in README and bug report template
peace-maker Oct 12, 2024
7dceedd
Stop using cmd.exe to keep current directory (#2488)
robbert1978 Oct 24, 2024
584ecca
Only print `checksec` output of `ELF.libc` when it was printed for th…
peace-maker Oct 24, 2024
a3b22b7
Throw error when using `sni` and setting `server_hostname` manually i…
peace-maker Oct 24, 2024
d225311
Add caching proxy for libcdb debuginfod files to CI (#2487)
peace-maker Oct 24, 2024
fa14663
libcdb-cli: add `--offline-only`, refactor unstrip and add fetch pars…
the-soloist Oct 24, 2024
3303ea9
Merge branch 'beta' into dev
peace-maker Oct 24, 2024
bb7a85c
Allow to disable caching (#2484)
peace-maker Oct 24, 2024
61804b1
Merge branch 'beta' into dev
peace-maker Oct 24, 2024
51cbdb4
Fix attaching to a gdbserver with tuple `gdb.attach(('0.0.0.0',12345)…
ckxckx Oct 28, 2024
6f0793e
Add `tube.upload_manually` to upload files in chunks (#2410)
peace-maker Oct 28, 2024
55ac6e1
Update documentation for format strings (#2501)
Legoclones Dec 8, 2024
ec262d8
Update sphinx for Python 3.13 support (#2503)
peace-maker Dec 8, 2024
24d217c
Docs: Fix link to source for class properties
peace-maker Dec 9, 2024
b2d56fa
Merge branch 'beta' into dev
peace-maker Dec 10, 2024
57b9eb9
Fix loading ELF files without valid .dynamic section (#2502)
peace-maker Dec 10, 2024
74a300d
Deprecate 'keepends' argument in favor of 'drop' (#2476)
MrQubo Dec 10, 2024
fb2ee19
Deprecate direct commandline scripts invocation and exclude nonsense …
tkmikan Dec 10, 2024
4ef3c16
ssh: replaced nonexistent key with str(e) in error handling (#2512)
findus Jan 6, 2025
7741a18
Ignore a warning with unused args in `asm` on NIX (#2508)
sbancuz Jan 14, 2025
c02190b
Release 4.15.0beta0
peace-maker Jan 15, 2025
241b139
Begin working on 5.0.0
peace-maker Jan 15, 2025
d7a7376
Merge branch 'stable' into beta
peace-maker Jan 15, 2025
29fb02f
Merge branch 'beta' into dev
peace-maker Jan 15, 2025
5f616ad
Add `+LINUX` and `+WINDOWS` doctest options (#2507)
peace-maker Jan 21, 2025
fac8f1e
Support starting a kitty debugging window with the 'kitten' command (…
k4lizen Jan 21, 2025
a9b05b5
Raise EOFError during process.recv when stdout closes on Windows (#2524)
peace-maker Jan 21, 2025
e3a021d
packing: Do use extra arguments in `p*` and `u*` (#2526)
tesuji Jan 21, 2025
cff58e1
Allow to passthru kwargs on `ssh.__getattr__` convenience function to…
peace-maker Jan 21, 2025
1fc3062
fix(fmtstr)!: Attempt to fix the offsets
big-green-lemon Jan 26, 2025
74cb99f
fix(fmtstr): Fix 'IndexError' bug
big-green-lemon Jan 26, 2025
e51bc74
Allow setting debugger path via `context.gdb_binary` (#2527)
Ninja3047 Jan 26, 2025
6748a78
Drop Python 2.7 support / Require Python 3.10 (#2519)
peace-maker Jan 26, 2025
ec6b8cd
Merge branch 'stable' into beta
peace-maker Jan 26, 2025
78d416b
checksec: Do NOT error when passing directory arguments to commandlin…
tesuji Jan 26, 2025
d098431
Merge branch 'beta' into dev
peace-maker Jan 26, 2025
fa7d76d
CI: Test on Python 3.13 (#2534)
peace-maker Jan 26, 2025
50577ab
fix(build): Backward compatibility with Python 2
big-green-lemon Jan 27, 2025
3c3571b
chore: Update CHANGELOG.md
big-green-lemon Jan 27, 2025
3eb690b
Initial LoongArch64 support (#2529)
xtexx Jan 29, 2025
447ac94
doc: add example case for `tuple` (host, port pair) in `gdb.attach` (…
RocketMaDev Feb 17, 2025
636b3b2
ROP: fix `ROP(ELF(exe)).leave` is `None` in some ELF (#2506)
RocketMaDev Feb 18, 2025
328b2cd
Drop six (#2547)
Arusekk Feb 28, 2025
a76db16
Combine coverage from all CI jobs (#2553)
Arusekk Feb 28, 2025
d5fa567
Don't upgrade pip anymore and --break-system-packages
peace-maker Jan 29, 2025
df6f835
build(test/travis-docker): Use `sudo` with Docker
big-green-lemon Feb 28, 2025
4ebed47
build(test/travis-docker): End path with /
big-green-lemon Feb 28, 2025
0d0b351
test(fmtstr): Update doctests
big-green-lemon Feb 28, 2025
5ef7945
fix(fmtstr): String formatting
big-green-lemon Feb 28, 2025
bab6a8d
Merge remote-tracking branch 'github/dev' into fix-fmstr-no-revert
big-green-lemon Feb 28, 2025
2307cf9
Revert "build(test/travis-docker): Use `sudo` with Docker"
big-green-lemon Feb 28, 2025
2 changes: 1 addition & 1 deletion .github/ISSUE_TEMPLATE.md
Expand Up @@ -4,7 +4,7 @@ Thanks for contributing to Pwntools!

When reporting an issue, be sure that you are running the latest released version of pwntools (`pip install --upgrade pwntools`).

Please verify that your issue occurs on 64-bit Ubuntu 14.04. You can use the Dockerfile on `docker.io` for quick testing.
Please verify that your issue occurs on 64-bit Ubuntu 22.04. You can use the Dockerfile on `docker.io` for quick testing.

```
$ docker pull pwntools/pwntools:stable
2 changes: 1 addition & 1 deletion .github/ISSUE_TEMPLATE/bug_report.md
Expand Up @@ -39,7 +39,7 @@ You should see `[DEBUG]` statements that show what's happening behind the scenes

## Verify on Ubuntu

If possible, please verify that your issue occurs on 64-bit Ubuntu 18.04. We provide a Dockerfile based on Ubuntu 18.04 via `docker.io` to make this super simple, no VM required!
If possible, please verify that your issue occurs on 64-bit Ubuntu 22.04. We provide a Dockerfile based on Ubuntu 22.04 via `docker.io` to make this super simple, no VM required!

```sh
# Download the Docker image
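Review bot: the two issue templates had drifted apart before this change (14.04 in ISSUE_TEMPLATE.md, 18.04 here), and this PR only fixes the symptom by writing 22.04 into both; consider stating the target Ubuntu version in one place the templates reference, or at least add a comment next to each occurrence that both templates and the docker.io image tag must be bumped together, so they do not diverge again.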
70 changes: 0 additions & 70 deletions .github/workflows/android.yml

This file was deleted.

181 changes: 150 additions & 31 deletions .github/workflows/ci.yml
Expand Up @@ -5,13 +5,25 @@ jobs:
test:
strategy:
matrix:
python_version: ['3.10', '3.12']
python_version: ['3.10', '3.12', '3.13']
os: [ubuntu-latest]
include:
- python_version: '2.7'
os: ubuntu-22.04
runs-on: ${{ matrix.os }}
timeout-minutes: 30
services:
libcdb-cache:
image: nginx
volumes:
- /home/runner/libcdb-cache:/var/cache/nginx
ports:
- 3000:3000 # https://debuginfod.elfutils.org proxy cache
- 3001:3001 # https://libc.rip/ proxy cache
- 3002:3002 # http://archive.ubuntu.com/ proxy cache
- 3003:3003 # https://gitlab.com/ proxy cache
env:
DEBUGINFOD_URLS: http://localhost:3000/
PWN_LIBCRIP_URL: http://localhost:3001/
PWN_UBUNTU_ARCHIVE_URL: http://localhost:3002/
PWN_GITLAB_LIBCDB_URL: http://localhost:3003/
steps:
- uses: actions/checkout@v4
with:
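Review bot: DEBUGINFOD_URLS, PWN_LIBCRIP_URL, PWN_UBUNTU_ARCHIVE_URL and PWN_GITLAB_LIBCDB_URL now route every libcdb and debuginfod download to plain-http localhost ports 3000-3003 on the nginx service; whether the proxy reaches the upstreams (debuginfod.elfutils.org, libc.rip, archive.ubuntu.com, gitlab.com) over TLS is decided entirely by travis/libcdb_nginx_cache.conf, which is only copied in by a later step and is not part of this diff, so please confirm that file uses https upstreams before relying on the cache for test fixtures. A one-line comment on the `volumes:` entry saying that the chown steps further down exist because this bind mount is shared between the runner user and the nginx container would also help the next reader.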
Expand All @@ -22,6 +34,28 @@ jobs:
git fetch origin
git log --oneline --graph -10

- name: Fix libcdb-cache permissions
id: fix-perms
run: |
sudo chown -R runner:runner /home/runner/libcdb-cache
echo "date=$(/bin/date -u "+%Y%m%d%H%M%S")" >> $GITHUB_OUTPUT

- name: Cache for libcdb requests
uses: actions/cache@v4
with:
path: ~/libcdb-cache
key: libcdb-python${{ matrix.python_version }}-${{ steps.fix-perms.outputs.date }}
restore-keys: |
libcdb-python${{ matrix.python_version }}-
libcdb-

- name: Install libcdb-cache service config
run: |
sudo chown -R 101:101 /home/runner/libcdb-cache
container_id=$(docker ps --all --filter volume=/home/runner/libcdb-cache --no-trunc --format "{{.ID}}")
docker cp ./travis/libcdb_nginx_cache.conf $container_id:/etc/nginx/nginx.conf
docker restart $container_id

- name: Install RPyC for gdb
run: |
# The version packaged in python3-rpyc is too old on Ubuntu 24.04
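Review bot: in "Install libcdb-cache service config", `container_id` comes from `docker ps --all --filter volume=/home/runner/libcdb-cache ...` and is then used unquoted in `docker cp` and `docker restart`; if the filter matches nothing the step fails with an opaque docker error instead of saying what went wrong, so add a guard such as `[ -n "$container_id" ] || { echo "libcdb-cache container not found"; exit 1; }` before the `docker cp`. Separately, the cache key `libcdb-python${{ matrix.python_version }}-${{ steps.fix-perms.outputs.date }}` embeds a per-run timestamp, so it never matches exactly and a fresh cache entry is saved on every run with restore happening through the prefix restore-keys; that is presumably intended to keep the cache rolling, but a comment stating so would save a reviewer from reading it as a bug.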
Expand All @@ -30,17 +64,7 @@ jobs:
/usr/bin/python -m pip install --break-system-packages rpyc || /usr/bin/python -m pip install rpyc
gdb --batch --quiet --nx --nh --ex 'py import rpyc; print(rpyc.version.version)'

- name: Cache for pip
uses: actions/cache@v4
if: matrix.python_version == '2.7'
id: cache-pip
with:
path: ~/.cache/pip
key: ${{ matrix.os }}-${{ matrix.python_version }}-cache-pip-${{ hashFiles('**/pyproject.toml', '**/requirements*.txt') }}
restore-keys: ${{ matrix.os }}-${{ matrix.python_version }}-cache-pip-

- name: Set up Python ${{ matrix.python_version }}
if: matrix.python_version != '2.7'
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python_version }}
Expand All @@ -49,17 +73,6 @@ jobs:
**/pyproject.toml
**/requirements*.txt

- name: Set up Python 2.7
if: matrix.python_version == '2.7'
run: |
sudo apt-get update
sudo apt-get install -y \
python2.7 python2.7-dev python2-pip-whl
sudo ln -sf python2.7 /usr/bin/python
export PYTHONPATH=`echo /usr/share/python-wheels/pip-*py2*.whl`
sudo --preserve-env=PYTHONPATH python -m pip install --upgrade pip setuptools wheel
sudo chown -R $USER /usr/local/lib/python2.7


- name: Verify tag against version
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags')
Expand Down Expand Up @@ -89,11 +102,12 @@ jobs:
binutils-s390x-linux-gnu \
binutils-sparc64-linux-gnu \
binutils-riscv64-linux-gnu \
binutils-loongarch64-linux-gnu \
gcc-multilib \
libc6-dbg \
elfutils \
patchelf

- name: Testing Corefiles
run: |
ulimit -a
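Review bot: binutils-loongarch64-linux-gnu is added to the apt list in step with the "Initial LoongArch64 support (#2529)" commit; because this PR also removes the Python 2.7 leg that ran on ubuntu-22.04, the only remaining runner is ubuntu-latest, so verify the package exists in that image's apt archive (older Ubuntu releases do not ship it), otherwise the whole dependency step fails rather than just the LoongArch doctests.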
Expand All @@ -119,10 +133,6 @@ jobs:
- name: Install documentation dependencies
run: pip install -r docs/requirements.txt

- name: Manually install non-broken Unicorn
if: matrix.python_version == '2.7'
run: pip install unicorn==2.0.0rc7

- name: Disable yama ptrace_scope
run: |
echo 0 | sudo tee /proc/sys/kernel/yama/ptrace_scope # required by some gdb doctests
Expand Down Expand Up @@ -208,7 +218,6 @@ jobs:
pwn libcdb hash b229d1da1e161f95e839cf90cded5f719e5de308

- name: Build source and wheel distributions
if: matrix.python_version != '2.7'
run: |
python -m build

Expand All @@ -225,6 +234,116 @@ jobs:
path: .coverage*
include-hidden-files: true

- name: Fix libcdb-cache permissions
run: |
container_id=$(docker ps --filter volume=/home/runner/libcdb-cache --no-trunc --format "{{.ID}}")
docker stop $container_id
sudo chown -R runner:runner /home/runner/libcdb-cache

android-test:
runs-on: ubuntu-latest
timeout-minutes: 30
continue-on-error: true
steps:
- uses: actions/checkout@v4

- name: Set up Python 3.12
uses: actions/setup-python@v5
with:
python-version: '3.12'
cache: 'pip'
cache-dependency-path: |
**/pyproject.toml
**/requirements*.txt

- name: Install Linux dependencies
run: |
sudo apt-get update
sudo apt-get install -y --no-install-recommends -o Acquire::Retries=3 \
gdb gdbserver socat \
qemu-user-static \
binutils-aarch64-linux-gnu \
binutils-arm-linux-gnueabihf \
libc6-dbg

- name: Cache for avd
uses: actions/cache@v4
id: cache-avd
with:
path: |
~/.android
/usr/local/lib/android/sdk/emulator
/usr/local/lib/android/sdk/platform-tools
/usr/local/lib/android/sdk/system-images
key: ${{ matrix.os }}-cache-avd-${{ hashFiles('travis/setup_avd*.sh') }}
restore-keys: |
${{ matrix.os }}-cache-avd-

- name: Install Android AVD
run: |
sudo usermod -aG kvm $USER
source travis/setup_avd_fast.sh
sed -i 's/skip_android = True/skip_android = False/' docs/source/conf.py
set | grep ^PATH >.android.env

- name: Install dependencies
run: |
pip install --upgrade pip
pip install --upgrade wheel build
pip install --upgrade flake8 appdirs
pip install --upgrade --editable .

- name: Sanity checks
run: PWNLIB_NOTERM=1 python -c 'from pwn import *; print(pwnlib.term.term_mode)'

- name: Install documentation dependencies
run: pip install -r docs/requirements.txt

- name: Coverage Doctests (Android Only)
run: |
source .android.env
PWNLIB_NOTERM=1 coverage run -m sphinx -b doctest docs/source docs/build/doctest docs/source/adb.rst

- uses: actions/upload-artifact@v4
with:
name: coverage-android
path: .coverage*
include-hidden-files: true

windows-test:
runs-on: windows-latest
timeout-minutes: 30
continue-on-error: true
steps:
- uses: actions/checkout@v4

- name: Set up Python 3.12
uses: actions/setup-python@v5
with:
python-version: '3.12'

- name: Install dependencies
run: |
pip install --upgrade pip
pip install --upgrade --editable .

- name: Install documentation dependencies
run: pip install -r docs/requirements.txt

- name: Sanity checks
run: |
python -bb -c 'from pwn import *'
python -bb examples/text.py

- name: Coverage doctests
run: |
python -bb -m coverage run -m sphinx -b doctest docs/source docs/build/doctest

- uses: actions/upload-artifact@v4
with:
name: coverage-windows
path: .coverage*
include-hidden-files: true

upload-coverage:
runs-on: ubuntu-latest
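Review bot: android-test defines no `strategy.matrix`, yet its avd cache key and restore-keys use `${{ matrix.os }}`, which expands to an empty string and yields keys like `-cache-avd-<hash>`; they still work but are misleading, so use `${{ runner.os }}` or a literal `ubuntu-latest` there. Second, the trailing "Fix libcdb-cache permissions" step (`docker stop` plus chown back to runner:runner) has no `if: always()`, so whenever an earlier test step fails it is skipped and the cache post-step then tries to save a directory owned by uid 101; add `if: always()` so cache saving keeps working on red runs. Finally, `continue-on-error: true` on both android-test and windows-test means their failures never mark the check as failed, which is fine for jobs that are still experimental but deserves a comment saying so.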
5 changes: 3 additions & 2 deletions .github/workflows/pylint.yml
Expand Up @@ -26,10 +26,11 @@ jobs:
set -x
pip install pylint
pip install --upgrade -e .
pylint --exit-zero --errors-only pwnlib -f parseable | cut -d ' ' -f2- > current.txt
run_pylint() { pylint --exit-zero --errors-only pwnlib -f parseable | cut -d ' ' -f2- | sed 's/line [0-9]\+/line XXXX/g'; }
run_pylint > current.txt
git fetch origin
git checkout origin/"$GITHUB_BASE_REF"
pylint --exit-zero --errors-only pwnlib -f parseable | cut -d ' ' -f2- > base.txt
run_pylint > base.txt
if diff base.txt current.txt | grep '>'; then
false
fi
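Review bot: `run_pylint` output is compared with `diff base.txt current.txt | grep '>'` without sorting; since `cut -d ' ' -f2-` strips the file:line prefix, a pre-existing message that merely moves position (for example when a function is relocated within a module) shows up as a `<` line in one place and a `>` line in another, and the `>` fails the check for an error that is not new. Append `| sort` to the pipeline inside `run_pylint` so the comparison is order-independent; the added `sed 's/line [0-9]\+/line XXXX/g'` already removes the other common source of churn, line numbers embedded in message text.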