Pwntools is a CTF framework and exploit development library. Written in Python, it is designed for rapid prototyping and development, and intended to make exploit writing as simple as possible.
from pwn import *
context(arch = 'i386', os = 'linux')          # target architecture and OS used by asm() and shellcraft
r = remote('exploitme.example.com', 31337)    # connect to the remote service
# EXPLOIT CODE GOES HERE
r.send(asm(shellcraft.sh()))                  # assemble and send an execve("/bin/sh") shellcode payload
r.interactive()                               # hand the connection over to the user
Our documentation is available at docs.pwntools.com
xready generates an exploit.py and a cmd file (a gdb script) for a target:
xready --host [remote host] --port [remote port] --arch [architecture] --libc [libc file] [binary file]
x runs the generated exploit.py; the argument selects the target:
x [argument]
Example: when exploiting the remote service
x r
When exploiting a local process
x l
When debugging the exploit (under gdb)
x a
or simply
x
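To make concrete what "generate an exploit.py and a cmd (gdb script)" means, here is an added example of such a generator. It is editor-written example code, not ponpontools' own xready implementation, and the template it emits (including the assumed meaning of the `r`, `l` and `a` modes as remote, local and local-under-gdb) is an assumption about what the real tool produces; host, port and arch in the test values are the ones from the README example above. The generated exploit.py needs pwntools to run; the generator itself only needs Python 3.

```python
"""Generate exploit.py and a gdb command file ("cmd") in the spirit of xready.
Editor-written example, not ponpontools' code; the template is an assumption."""
import os
import sys

# Assumed meaning of the single-letter mode that `x` passes to exploit.py:
#   r = remote target, l = local process, a = local process under gdb (default).
EXPLOIT_TEMPLATE = """\
from pwn import *
import sys

context(arch='{arch}', os='linux')
BINARY = '{binary}'
HOST, PORT = '{host}', {port}
elf = ELF(BINARY)
libc = {libc_expr}

def start(mode):
    # r: remote, l: local, a: local under gdb (default)
    if mode == 'r':
        return remote(HOST, PORT)
    if mode == 'l':
        return process([BINARY])
    return gdb.debug([BINARY], gdbscript=open('cmd').read())

io = start(sys.argv[1] if len(sys.argv) > 1 else 'a')
# EXPLOIT CODE GOES HERE
io.interactive()
"""

# gdb commands used by the 'a' mode; `continue` resumes the process gdb.debug() stopped at entry.
GDB_TEMPLATE = """\
file {binary}
set disassembly-flavor intel
break main
continue
"""


def render_exploit(host, port, arch, binary, libc=None):
    """Return exploit.py source; an ELF() for libc is only emitted when a path is given."""
    libc_expr = "ELF('{}')".format(libc) if libc else "None"
    return EXPLOIT_TEMPLATE.format(host=host, port=int(port), arch=arch,
                                   binary=binary, libc_expr=libc_expr)


def render_gdbscript(binary):
    """Return the contents of the cmd file for the given binary."""
    return GDB_TEMPLATE.format(binary=binary)


def write_templates(outdir, host, port, arch, binary, libc=None):
    """Write exploit.py and cmd into outdir and return their paths."""
    exploit_path = os.path.join(outdir, "exploit.py")
    cmd_path = os.path.join(outdir, "cmd")
    with open(exploit_path, "w") as f:
        f.write(render_exploit(host, port, arch, binary, libc))
    with open(cmd_path, "w") as f:
        f.write(render_gdbscript(binary))
    return exploit_path, cmd_path


if __name__ == "__main__":
    # Positional form of the README's options: HOST PORT ARCH BINARY [LIBC]
    if len(sys.argv) < 5:
        sys.exit("usage: gen.py HOST PORT ARCH BINARY [LIBC]")
    print(write_templates(".", *sys.argv[1:6]))
```

The generated script keeps the target selection in one `start()` function so that `x r`, `x l` and `x a` only change which connection object is returned and the exploit body stays identical across the three modes.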
sock exposes the specified executable on TCP port 4444:
sock [binary file]
aslr switches system-wide ASLR on or off:
aslr [on | off]
Run it without an argument to show the current ASLR setting:
aslr
To get you started, we've provided some example solutions for past CTF challenges in our write-ups repository.
Pwntools is best supported on 64-bit Ubuntu LTS releases (12.04, 14.04, and 16.04). Most functionality should work on any POSIX-like distribution (Debian, Arch, FreeBSD, OSX, etc.). Python 2.7 is required.
Most of the functionality of pwntools is self-contained and Python-only. You should be able to get running quickly with
apt-get update
apt-get install python2.7 python-pip python-dev git libssl-dev libffi-dev build-essential
git clone https://github.com/No1zy/ponpontools
cd ponpontools
python setup.py install
If you have any questions not worthy of a bug report, feel free to ping us on Twitter.