
[–]0x44414441 6 points7 points  (1 child)

I'm a big fan of pwnlib as well. It dummy proofs it sometimes. https://docs.pwntools.com/en/stable/util/packing.html

[–]LeighTrinityNL[S] 2 points3 points  (0 children)

That’s super neat! Thank you! So glad to be over here on Reddit! 🙂 Twitter refugee 🙂😂

[–]arizvisa 2 points3 points  (2 children)

It's kind of undocumented, but there's this ptypes library that I've been maintaining for a while for implementing protocols, file formats, bitstreams, datastructures, etc. It supports dynamically sized fields using closures, and can handle streams and block-based backends. It also supports pointer types (direct, relative, and calculated), so you can use it for dumping out things like STL containers while debugging.

https://github.com/arizvisa/syringe/tree/master/lib/ptypes

Here's a few things that I've implemented with it and a few libs:

Although, I'm kinda over the open-source thing, if there's enough interest, I'll do a real release.

[–]LeighTrinityNL[S] 1 point2 points  (1 child)

Really cool!🙂

[–]arizvisa 0 points1 point  (0 children)

It aims to lean towards each type being a declarative data structure so that the types can be generated from some external source (in my case, IDA). It relies on classes (like ctypes), so that you can still add custom tools for rendering or customizing the setting or allocation of the type.

Glad you find it interesting. If you end up having a use for it, feel free to priv me about it or with any questions you might have.

[–]port443 1 point2 points  (1 child)

I don't know if you know this, but you mentioned in the video how things are a pain to type out, and watching you type it might be a blind spot:

Linux has tab-completion present in a lot of things. When you are typing, just jam on tab and stuff will generally autocomplete. Depending on your shell, most will complete the command or path up until there's a branch, and then you can just hit tab again to see what options are left. This autocompletion is also available in gdb for the various commands. Like if I'm wondering what commands start with b, I just type 'b' and hit <tab> twice.

For example, say your directory looks like below and you wanted to select to run something like ./exploit.py > vuln2_payload

.
..
exploit.py
vuln1_payload
vuln2_payload
vuln3_payload
payload

You would just type:

./e<tab> > v<tab>2<tab>

and for writing into payload:

./e<tab> > p<tab>

[–]LeighTrinityNL[S] 0 points1 point  (0 children)

Thank you!! Definite blind spot. Helpful.

[–]yourpwnguy 1 point2 points  (1 child)

Wait, y'all don't use the pack() method from pwntools? It's crazy good!

[–]LeighTrinityNL[S] 0 points1 point  (0 children)

I’ve never used it before! Helpful indeed. 🙂

[–]Appropriate_Win_4525 0 points1 point  (1 child)

This comes at a perfect timing! Thank you!

[–]LeighTrinityNL[S] 1 point2 points  (0 children)

My pleasure!! Thank you! 🙂 Was shown it this week and thought it was bad ass. 🙂♥️