Processes and Communication

Processes

A process is the main way you interact with something in pwntools, and starting one is easy.

p = process('./vulnerable_binary')

You can also start remote processes and connect to sockets using remote:

p = remote('my.special.ip', port)

Sending Data to Processes

The power of pwntools is incredibly simple communication with your processes.

p.send(data)

Sends data to the process. Data can be either a string or a bytes-like object; pwntools handles it all for you.

p.sendline(data)

Sends data to the process, followed by a newline character (\n). Some programs require the \n to take in the input (think about how you need to hit the enter key to send the data with nc) while others don't.

p.sendline(data) is equivalent to p.send(data + '\n')

An incorrect number of newlines may cause your exploit to stall when there's nothing wrong with it. This should be the first thing you check. If you're uncertain, use p.clean() instead.

Receiving Data From Processes

p.recv(numb)

Receives up to numb bytes from the process, returning as soon as any data is available.

p.recvuntil(delimiter, drop=False)

Receives all the data until it encounters the delimiter, after which it returns the data. If drop is True then the returned data does not include the delimiter.

p.recvline(keepends=True)

Essentially equivalent to p.recvuntil('\n', drop=not keepends). Receives up until a \n is reached, then returns the data, including the \n if keepends is True.

p.clean(timeout=0.02)

Receives all data for timeout seconds and returns it. Another similar function is p.recvall(), but it waits until the process closes its output (EOF), so it regularly takes far too long to execute; p.clean() is much better.

Timeout

All receiving functions take a timeout parameter in addition to the ones listed above. For example, p.recv(numb=16, timeout=1) will execute, but if numb bytes are not received within timeout seconds the data is buffered for the next receiving function and an empty string '' (b'' in Python 3) is returned.
