@clubby789
clubby789 / fuzz.py
Created Sep 4, 2020
Pwntools-based format string fuzzer
from pwn import *

context.arch = "amd64"  # Change as applicable
e = ELF("./format")     # Binary name
p = process(e.path)
l = p.libc              # Load libc, initialised with correct values

# Flip the sym:addr dict so addresses can be looked up by value
rev = {value: key for (key, value) in l.sym.items()}

def exec_fmt(pl):
    p.sendline(pl)
    return p.clean()
@clubby789
clubby789 / fastcgi-gen.py
Created Jul 29, 2020
A Python script to generate FastCGI packets to be injected into a php-fpm socket. Based on https://gist.github.com/wofeiwo/4f41381a388accbf91f8
#!/usr/bin/python3
# Ported to Python from https://gist.github.com/wofeiwo/4f41381a388accbf91f8
# Only implements packet generation, not sending/receiving
import base64


class FCGIClient:
    def __init__(self):
        # FastCGI protocol version and record type constants
        self.VERSION_1 = 1
        self.BEGIN_REQUEST = 1
        self.ABORT_REQUEST = 2
        self.END_REQUEST = 3