Engineering - Joints 2020
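# pwndbg scripting: recover a flag from a byte-by-byte compare loop.
#
# Run from inside gdb with pwndbg loaded (e.g. `source this_file.py`), so that
# `gdb` and `pwndbg` are already in scope.  The technique: the target compares
# each input byte (held in r9) against an immediate, so instead of brute-forcing
# we single-step to every `cmp r9, imm`, read the immediate straight out of the
# decoded instruction, and overwrite r9 with it so the check passes and the
# program moves on to compare the next byte.
#
# NOTE(review): the breakpoint address assumes the binary is loaded where gdb
# puts a PIE with ASLR disabled (0x555555554000 base, so 0x982 into the image);
# rebase it for a different build.  Because r9 is forced, the program's own
# accept/reject branch never sees the real input -- re-run the binary with the
# recovered flag (without this script) to confirm the result is actually right.
# NOTE(review): recent pwndbg releases moved the disassembler module; if
# `pwndbg.disasm` is missing, look for the equivalent under `pwndbg.aglib`.
from capstone.x86 import X86_OP_IMM, X86_OP_REG  # pwndbg hands back capstone CsInsn objects


def recover_flag(cmp_site: int = 0x555555554982, reg: str = "r9",
                 stdin_file: str = "input", terminator: str = "}",
                 max_steps: int = 100_000) -> bytes:
    """Single-step from *cmp_site* and collect the immediates compared against *reg*.

    Args:
        cmp_site: address to break on (in the original script a `call rdx`,
            presumably the call into the checking routine); it is stepped into once.
        reg: register the target loads each input byte into before the compare.
        stdin_file: file redirected to the target's stdin on `run`.
        terminator: stop as soon as this character's byte has been collected.
        max_steps: upper bound on single-steps so a wrong path cannot spin forever.

    Returns:
        The collected bytes, in the order they were compared.

    Raises:
        RuntimeError: if *max_steps* is exhausted before *terminator* shows up.
        ValueError: from ``bytes()`` if a collected immediate is outside 0..255.
        gdb.error: propagated if the inferior exits while we are still stepping.
    """
    gdb.execute(f"b* {cmp_site:#x}")
    gdb.execute(f"r < {stdin_file}")
    gdb.execute("s")  # step into the call
    wanted = ord(terminator)
    flag: list[int] = []
    for _ in range(max_steps):
        instr = pwndbg.disasm.one()  # capstone CsInsn for the current pc; may be None
        if instr is not None and instr.mnemonic == "cmp" and len(instr.operands) == 2:
            dst, src = instr.operands
            # Only the `cmp reg, imm` form carries the value we want.  For any other
            # form `.value.imm` / `.value.reg` just reinterprets a ctypes union and
            # returns junk, so check the operand types before reading them.
            if (dst.type == X86_OP_REG and instr.reg_name(dst.value.reg) == reg
                    and src.type == X86_OP_IMM):
                imm = src.value.imm
                gdb.execute(f"set ${reg}={imm}")  # force this compare to succeed
                flag.append(imm)
                print(bytes(flag))
                if wanted in flag:
                    return bytes(flag)
        gdb.execute("s")  # step
    raise RuntimeError(f"no compare against {terminator!r} seen within {max_steps} steps")


recover_flag()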