ScriptMaker

elvirangel 2018-03-19 16:42

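0x00 Preface

pwn scripts all look alike. I had saved a template and used it every time, but copying it and filling in the various names each time still got tiring, so I wrote a script generator.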

0x01 ScriptMaker

#!/usr/bin/env python
# coding: UTF-8
import sys


def make(name):
    # Template for the generated exploit script; the target binary name is
    # spliced in where the ELF is loaded and where the process is started.
    # The shebang follows the opening quotes so it is the file's first line.
    data = """#!/usr/bin/env python2
# -*- coding:utf-8 -*-
from pwn import *
import os, sys

DEBUG = 1

elf = ELF('./""" + name + """')

if DEBUG:
    # Local run: local libc and verbose logging
    libc = ELF('/home/moonagirl/moonagirl/libc/libc_local_x64')
    p = process('./""" + name + """')
    context.log_level = 'debug'
else:
    # Remote run: the target's libc and address
    libc = ELF('./libc-2.23.so')
    www = '47.90.103.10'
    port = 6000
    p = remote(www, port)

system_libc = libc.symbols['system']
success('system_libc:' + hex(system_libc))


def pwn():
    p.interactive()


if __name__ == '__main__':
    pwn()
"""
    py = "%s.py" % name

    # Text mode, so the write works under both Python 2 and Python 3
    with open("./%s" % py, "w") as f:
        f.write(data)


if __name__ == '__main__':
    if len(sys.argv) > 1:
        make(sys.argv[1])
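
An added example, not part of the original post: ScriptMaker pastes the command-line name between quotes in the generated source and into the output file name, so a name containing a quote or a path separator produces a broken script or a file outside the current directory. The sketch below contrasts that splice with a repr()-based one and validates the name; TEMPLATE is a shortened stand-in for the template above, and naive_render, safe_render, output_path, parses and SAFE_NAME are hypothetical names.

```python
import ast
import os
import re

# Shortened stand-in for the page's template; {target} takes a Python literal.
TEMPLATE = """#!/usr/bin/env python2
# -*- coding:utf-8 -*-
from pwn import *

elf = ELF({target})
p = process({target})

def pwn():
    p.interactive()

if __name__ == '__main__':
    pwn()
"""

# Conservative allow-list for the binary name (an assumption, not from the post).
SAFE_NAME = re.compile(r"^[A-Za-z0-9._-]+$")


def naive_render(name):
    """Same splice as ScriptMaker: the raw name lands inside '...' quotes."""
    return TEMPLATE.replace("{target}", "'./" + name + "'")


def safe_render(name):
    """Embed the name as a repr() literal so it can only ever be string data."""
    return TEMPLATE.replace("{target}", repr("./" + name))


def output_path(name, directory="."):
    """Refuse names that would write outside `directory` or need quoting."""
    if not SAFE_NAME.match(name) or name in (".", ".."):
        raise ValueError("unsupported binary name: %r" % name)
    return os.path.join(directory, name + ".py")


def parses(source):
    """True if `source` is syntactically valid Python."""
    try:
        ast.parse(source)
        return True
    except SyntaxError:
        return False
```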

0x02 Adding ScriptMaker to the system PATH

Add the directory where ScriptMaker is saved to PATH in the .profile file in your home directory, as shown below; my path is /moonagirl/libc/python

➜  ~ cat .profile
# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
    # include .bashrc if it exists
    if [ -f "$HOME/.bashrc" ]; then
	. "$HOME/.bashrc"
    fi
fi

# set PATH so it includes user's private bin directories
PATH="$HOME/bin:$HOME/.local/bin:$HOME/moonagirl/libc/python:$PATH"

Then reboot the system and you can run ScriptMaker directly from the terminal. If new requirements come up later, just edit the ScriptMaker file.

➜  ~ ScriptMaker Test
