pwntools template for CTF
from pwn import *
# Terminal command pwntools uses to open side windows (gdb, strace).
context.terminal = ["terminator", "-e"]

# --- per-challenge settings: fill these in before use ---
BINARY_NAME = "<enter binary name>"
LIBC_NAME = "./libc.so"
REMOTE = ("<enter hostname>", 0000)  # (host, port) placeholder handed to remote()

# Loading the target binary into context also selects arch/bits for the rest of the script.
context.binary = BINARY_NAME
binary = context.binary
libc = ELF(LIBC_NAME)
EXEC_STR = [binary.path]
PIE_ENABLED = binary.pie

# BREAK=addr1,addr2 on the command line: comma-separated hex addresses.
BREAKPOINTS = []
if args.BREAK:
    BREAKPOINTS = [int(addr, 16) for addr in args.BREAK.split(',')]

# One `break *<addr>` line per address; for PIE binaries the command is prefixed
# with "pie " (a plugin-style command — confirm your gdb frontend supports it).
_break_prefix = "pie " if PIE_ENABLED else ""
gdbscript_break = '\n'.join(f"{_break_prefix}break *{hex(addr)}" for addr in BREAKPOINTS)

# Extra gdb commands appended after the breakpoints; starts with a newline so
# it never runs into the last break line when concatenated.
gdbscript = """
# GDBSCRIPT here
"""
def handle():
    """Open the target tube selected by the command-line flags.

    REMOTE -> connect to the (host, port) in REMOTE and return immediately.
    LOCAL  -> start the binary with LIBC_NAME preloaded; with GDB also attach
              gdb using the generated breakpoints plus gdbscript, with STRACE
              open a terminal tracing the new pid and block until enter is
              pressed.
    Neither flag -> pwntools error() with the usage text (error() raises, so
    the process handling below is not reached).

    Returns the pwntools tube (remote or process).
    """
    if args.REMOTE:
        return remote(*REMOTE)
    elif args.LOCAL:
        # NOTE(review): LD_PRELOAD swaps libc only; the dynamic loader stays the
        # system one, which may not match LIBC_NAME — confirm for this target.
        proc = process(EXEC_STR, env={"LD_PRELOAD": libc.path})
    else:
        error("No argument supplied.\nUsage: python exploit.py (REMOTE|LOCAL) [GDB] [STRACE]")

    if args.GDB:
        # gdbscript begins with a newline, so breakpoints and script stay on separate lines.
        gdb.attach(proc, gdbscript_break + gdbscript)
    elif args.STRACE:
        # Second terminal window tracing the child; `cat` keeps the window open afterwards.
        subprocess.Popen([*context.terminal, f"strace -p {proc.pid}; cat"])
        input("Waiting for enter...")
    return proc
def main():
    """Obtain the tube from handle(), run the exploit, then hand the session to the user."""
    tube = handle()

    if args.INTERACTIVE:
        # NOTE(review): interactive() returns once the session ends, after which
        # execution continues into the exploit below and a second interactive()
        # call — confirm this fall-through is intended.
        tube.interactive()

    # start exploit here

    tube.interactive()
# Run only when executed as a script, e.g. `python exploit.py LOCAL GDB`.
if __name__ == "__main__":
    main()