11306114272

Committed 12 Oct 2024 01:39PM UTC coverage: 74.285%. First build

Build # 11306114272

Build Type

Pull #2486

github

Committed by

web-flow

Commit Message

Merge e679b6a6c into 78dd77773

Pull Request Pull Request #2486: Test Python version >= 3.10 in CI and fix tests on Python 3.12

Run Details

3680 of 6140 branches covered (59.93%)

20 of 34 new or added lines in 22 files covered. (58.82%)

12979 of 17472 relevant lines covered (74.28%)

0.74 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

28.38

/pwnlib/commandline/template.py

from __future__ import absolute_import
from __future__ import division

from pwn import *
from pwnlib.commandline import common

from mako.lookup import TemplateLookup, Template

parser = common.parser_commands.add_parser(
    'template',
    help = 'Generate an exploit template',
    description = 'Generate an exploit template. If no arguments are given, '
                    'the current directory is searched for an executable binary and ' 
                    'libc. If only one binary is found, it is assumed to be the '
                    'challenge binary.'
)

# change path to hardcoded one when building the documentation
printable_data_path = "pwnlib/data" if 'sphinx' in sys.modules else pwnlib.data.path

parser.add_argument('exe', nargs='?', help='Target binary. If not given, the current directory is searched for an executable binary.')
parser.add_argument('--host', help='Remote host / SSH server')
parser.add_argument('--port', help='Remote port / SSH port', type=int)
parser.add_argument('--user', help='SSH Username')
parser.add_argument('--pass', '--password', help='SSH Password', dest='password')
parser.add_argument('--libc', help='Path to libc binary to use. If not given, the current directory is searched for a libc binary.')
parser.add_argument('--path', help='Remote path of file on SSH server')
parser.add_argument('--quiet', help='Less verbose template comments', action='store_true')
parser.add_argument('--color', help='Print the output in color', choices=['never', 'always', 'auto'], default='auto')
parser.add_argument('--template', help='Path to a custom template. Tries to use \'~/.config/pwntools/templates/pwnup.mako\', if it exists. '
                                   'Check \'%s\' for the default template shipped with pwntools.' % 
                                        os.path.join(printable_data_path, "templates", "pwnup.mako"))
parser.add_argument('--no-auto', help='Do not automatically detect missing binaries', action='store_false', dest='auto')

def detect_missing_binaries(args):
    log.info("Automatically detecting challenge binaries...")
    # look for challenge binary, libc, and ld in current directory
    exe, libc, ld = args.exe, args.libc, None
    other_files = []
    for filename in os.listdir():
        if not os.path.isfile(filename):
            continue
        if not libc and ('libc-' in filename or 'libc.' in filename):
            libc = filename
        elif not ld and 'ld-' in filename:
            ld = filename
        else:
            if os.access(filename, os.X_OK):
                other_files.append(filename)
    if not exe:
        if len(other_files) == 1:
            exe = other_files[0]
        elif len(other_files) > 1:
            log.warning("Failed to find challenge binary. There are multiple binaries in the current directory: %s", other_files)

    if exe != args.exe:
        log.success("Found challenge binary %r", exe)
    if libc != args.libc:
        log.success("Found libc binary %r", libc)
    return exe, libc

def main(args):

    lookup = TemplateLookup(
        directories      = [
            os.path.expanduser('~/.config/pwntools/templates/'),
            os.path.join(pwnlib.data.path, 'templates')
        ],
        module_directory = None
    )

    # For the SSH scenario, check that the binary is at the
    # same path on the remote host.
    if args.user:
        if not (args.path or args.exe):
            log.error("Must specify --path or a exe")

        with ssh(args.user, args.host, args.port or 22, args.password or None) as s:
            try:
                remote_file = args.path or args.exe
                s.download(remote_file)
            except Exception:
                log.warning("Could not download file %r, opening a shell", remote_file)
                s.interactive()
                return

        if not args.exe:
            args.exe = os.path.basename(args.path)

    if args.auto and (args.exe is None or args.libc is None):
        args.exe, args.libc = detect_missing_binaries(args)
    
    if args.template:
        template = Template(filename=args.template) # Failing on invalid file is ok
    else:
        template = lookup.get_template('pwnup.mako')
    
    output = template.render(args.exe,
                             args.host,
                             args.port,
                             args.user,
                             args.password,
                             args.libc,
                             args.path,
                             args.quiet)

    # Fix Mako formatting bs
    output = re.sub('\n\n\n', '\n\n', output)

    # Colorize the output if it's a TTY
    if args.color == 'always' or (args.color == 'auto' and sys.stdout.isatty()):
        from pygments import highlight
        from pygments.formatters import TerminalFormatter
        from pygments.lexers.python import PythonLexer
        output = highlight(output, PythonLexer(), TerminalFormatter())

    print(output)

    # If redirected to a file, make the resulting script executable
    if not sys.stdout.isatty():
        try: os.fchmod(sys.stdout.fileno(), 0o700)
        except OSError: pass

if __name__ == '__main__':
    pwnlib.commandline.common.main(__file__, main)
    

1	from __future__ import absolute_import	1✔
2	from __future__ import division	1✔
3
4	from pwn import *	1✔
5	from pwnlib.commandline import common	1✔
6
7	from mako.lookup import TemplateLookup, Template	1✔
8
9	parser = common.parser_commands.add_parser(	1✔
10	'template',
11	help = 'Generate an exploit template',
12	description = 'Generate an exploit template. If no arguments are given, '
13	'the current directory is searched for an executable binary and '
14	'libc. If only one binary is found, it is assumed to be the '
15	'challenge binary.'
16	)
17
18	# change path to hardcoded one when building the documentation
19	printable_data_path = "pwnlib/data" if 'sphinx' in sys.modules else pwnlib.data.path	1✔
20
21	parser.add_argument('exe', nargs='?', help='Target binary. If not given, the current directory is searched for an executable binary.')	1✔
22	parser.add_argument('--host', help='Remote host / SSH server')	1✔
23	parser.add_argument('--port', help='Remote port / SSH port', type=int)	1✔
24	parser.add_argument('--user', help='SSH Username')	1✔
25	parser.add_argument('--pass', '--password', help='SSH Password', dest='password')	1✔
26	parser.add_argument('--libc', help='Path to libc binary to use. If not given, the current directory is searched for a libc binary.')	1✔
27	parser.add_argument('--path', help='Remote path of file on SSH server')	1✔
28	parser.add_argument('--quiet', help='Less verbose template comments', action='store_true')	1✔
29	parser.add_argument('--color', help='Print the output in color', choices=['never', 'always', 'auto'], default='auto')	1✔
30	parser.add_argument('--template', help='Path to a custom template. Tries to use \'~/.config/pwntools/templates/pwnup.mako\', if it exists. '	1✔
31	'Check \'%s\' for the default template shipped with pwntools.' %
32	os.path.join(printable_data_path, "templates", "pwnup.mako"))
33	parser.add_argument('--no-auto', help='Do not automatically detect missing binaries', action='store_false', dest='auto')	1✔
34
35	def detect_missing_binaries(args):	1✔
36	log.info("Automatically detecting challenge binaries...")	×
37	# look for challenge binary, libc, and ld in current directory
38	exe, libc, ld = args.exe, args.libc, None	×
39	other_files = []	×
40	for filename in os.listdir():	×
41	if not os.path.isfile(filename):	×
42	continue	×
43	if not libc and ('libc-' in filename or 'libc.' in filename):	×
44	libc = filename	×
45	elif not ld and 'ld-' in filename:	×
46	ld = filename	×
47	else:
48	if os.access(filename, os.X_OK):	×
49	other_files.append(filename)	×
50	if not exe:	×
51	if len(other_files) == 1:	×
52	exe = other_files[0]	×
53	elif len(other_files) > 1:	×
54	log.warning("Failed to find challenge binary. There are multiple binaries in the current directory: %s", other_files)	×
55
56	if exe != args.exe:	×
57	log.success("Found challenge binary %r", exe)	×
58	if libc != args.libc:	×
59	log.success("Found libc binary %r", libc)	×
60	return exe, libc	×
61
62	def main(args):	1✔
63
64	lookup = TemplateLookup(	×
65	directories = [
66	os.path.expanduser('~/.config/pwntools/templates/'),
67	os.path.join(pwnlib.data.path, 'templates')
68	],
69	module_directory = None
70	)
71
72	# For the SSH scenario, check that the binary is at the
73	# same path on the remote host.
74	if args.user:	×
75	if not (args.path or args.exe):	×
76	log.error("Must specify --path or a exe")	×
77
78	with ssh(args.user, args.host, args.port or 22, args.password or None) as s:	×
79	try:	×
80	remote_file = args.path or args.exe	×
81	s.download(remote_file)	×
82	except Exception:	×
83	log.warning("Could not download file %r, opening a shell", remote_file)	×
84	s.interactive()	×
85	return	×
86
87	if not args.exe:	×
88	args.exe = os.path.basename(args.path)	×
89
90	if args.auto and (args.exe is None or args.libc is None):	×
91	args.exe, args.libc = detect_missing_binaries(args)	×
92
93	if args.template:	×
94	template = Template(filename=args.template) # Failing on invalid file is ok	×
95	else:
96	template = lookup.get_template('pwnup.mako')	×
97
98	output = template.render(args.exe,	×
99	args.host,
100	args.port,
101	args.user,
102	args.password,
103	args.libc,
104	args.path,
105	args.quiet)
106
107	# Fix Mako formatting bs
108	output = re.sub('\n\n\n', '\n\n', output)	×
109
110	# Colorize the output if it's a TTY
111	if args.color == 'always' or (args.color == 'auto' and sys.stdout.isatty()):	×
112	from pygments import highlight	×
113	from pygments.formatters import TerminalFormatter	×
114	from pygments.lexers.python import PythonLexer	×
115	output = highlight(output, PythonLexer(), TerminalFormatter())	×
116
117	print(output)	×
118
119	# If redirected to a file, make the resulting script executable
120	if not sys.stdout.isatty():	×
121	try: os.fchmod(sys.stdout.fileno(), 0o700)	×
122	except OSError: pass	×
123
124	if __name__ == '__main__':	1!
NEW 125	pwnlib.commandline.common.main(__file__, main)	×
126

Gallopsled / pwntools / 11306114272

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous