pwnlib.util.misc
— We could not fit it any other place¶
-
pwnlib.util.misc.
align
(alignment, x) → int[source]¶ Rounds x up to nearest multiple of the alignment.
Example
>>> [align(5, n) for n in range(15)] [0, 5, 5, 5, 5, 5, 10, 10, 10, 10, 10, 15, 15, 15, 15]
-
pwnlib.util.misc.
align_down
(alignment, x) → int[source]¶ Rounds x down to nearest multiple of the alignment.
Example
>>> [align_down(5, n) for n in range(15)] [0, 0, 0, 0, 0, 5, 5, 5, 5, 5, 10, 10, 10, 10, 10]
-
pwnlib.util.misc.
binary_ip
(host) → bytes[source]¶ Resolve host and return IP as four byte string.
Example
>>> binary_ip("127.0.0.1") b'\x7f\x00\x00\x01'
-
pwnlib.util.misc.
force_bytes
(s) → bytes[source]¶ Ensures the given argument is of type bytes
Example
>>> force_bytes(b'abc') b'abc' >>> force_bytes('abc') b'abc' >>> force_bytes(1) Traceback (most recent call last): ... TypeError: Expecting a value of type bytes or str, got 1
-
pwnlib.util.misc.
parse_ldd_output
(output)[source]¶ Parses the output from a run of ‘ldd’ on a binary. Returns a dictionary of {path: address} for each library required by the specified binary.
Parameters: output (bytes, str) – The output to parse Example
>>> sorted(parse_ldd_output(''' ... linux-vdso.so.1 => (0x00007fffbf5fe000) ... libtinfo.so.5 => /lib/x86_64-linux-gnu/libtinfo.so.5 (0x00007fe28117f000) ... libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007fe280f7b000) ... libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fe280bb4000) ... /lib64/ld-linux-x86-64.so.2 (0x00007fe2813dd000) ... ''').keys()) ['/lib/x86_64-linux-gnu/libc.so.6', '/lib/x86_64-linux-gnu/libdl.so.2', '/lib/x86_64-linux-gnu/libtinfo.so.5', '/lib64/ld-linux-x86-64.so.2']
-
pwnlib.util.misc.
read
(path, count=-1, skip=0, mode='r') → bytes or str[source]¶ Open file, return content.
Examples
>>> read('pwnlib/util/misc.py').split('\n')[0] 'import base64'
-
pwnlib.util.misc.
register_sizes
(regs, in_sizes)[source]¶ Create dictionaries over register sizes and relations
Given a list of lists of overlapping register names (e.g. [‘eax’,’ax’,’al’,’ah’]) and a list of input sizes, it returns the following:
- all_regs : list of all valid registers
- sizes[reg] : the size of reg in bits
- bigger[reg] : list of overlapping registers bigger than reg
- smaller[reg]: list of overlapping registers smaller than reg
Used in i386/AMD64 shellcode, e.g. the mov-shellcode.
Example
>>> regs = [['eax', 'ax', 'al', 'ah'],['ebx', 'bx', 'bl', 'bh'], ... ['ecx', 'cx', 'cl', 'ch'], ... ['edx', 'dx', 'dl', 'dh'], ... ['edi', 'di'], ... ['esi', 'si'], ... ['ebp', 'bp'], ... ['esp', 'sp'], ... ] >>> all_regs, sizes, bigger, smaller = register_sizes(regs, [32, 16, 8, 8]) >>> all_regs ['eax', 'ax', 'al', 'ah', 'ebx', 'bx', 'bl', 'bh', 'ecx', 'cx', 'cl', 'ch', 'edx', 'dx', 'dl', 'dh', 'edi', 'di', 'esi', 'si', 'ebp', 'bp', 'esp', 'sp'] >>> sizes == {'ch': 8, 'cl': 8, 'ah': 8, 'edi': 32, 'al': 8, 'cx': 16, 'ebp': 32, 'ax': 16, 'edx': 32, 'ebx': 32, 'esp': 32, 'esi': 32, 'dl': 8, 'dh': 8, 'di': 16, 'bl': 8, 'bh': 8, 'eax': 32, 'bp': 16, 'dx': 16, 'bx': 16, 'ecx': 32, 'sp': 16, 'si': 16} True >>> bigger == {'ch': ['ecx', 'cx', 'ch'], 'cl': ['ecx', 'cx', 'cl'], 'ah': ['eax', 'ax', 'ah'], 'edi': ['edi'], 'al': ['eax', 'ax', 'al'], 'cx': ['ecx', 'cx'], 'ebp': ['ebp'], 'ax': ['eax', 'ax'], 'edx': ['edx'], 'ebx': ['ebx'], 'esp': ['esp'], 'esi': ['esi'], 'dl': ['edx', 'dx', 'dl'], 'dh': ['edx', 'dx', 'dh'], 'di': ['edi', 'di'], 'bl': ['ebx', 'bx', 'bl'], 'bh': ['ebx', 'bx', 'bh'], 'eax': ['eax'], 'bp': ['ebp', 'bp'], 'dx': ['edx', 'dx'], 'bx': ['ebx', 'bx'], 'ecx': ['ecx'], 'sp': ['esp', 'sp'], 'si': ['esi', 'si']} True >>> smaller == {'ch': [], 'cl': [], 'ah': [], 'edi': ['di'], 'al': [], 'cx': ['cl', 'ch'], 'ebp': ['bp'], 'ax': ['al', 'ah'], 'edx': ['dx', 'dl', 'dh'], 'ebx': ['bx', 'bl', 'bh'], 'esp': ['sp'], 'esi': ['si'], 'dl': [], 'dh': [], 'di': [], 'bl': [], 'bh': [], 'eax': ['ax', 'al', 'ah'], 'bp': [], 'dx': ['dl', 'dh'], 'bx': ['bl', 'bh'], 'ecx': ['cx', 'cl', 'ch'], 'sp': [], 'si': []} True
-
pwnlib.util.misc.
run_in_new_terminal
(command, terminal=None) → None[source]¶ Run a command in a new terminal.
- When terminal is not set:
- If context.terminal is set it will be used. If it is an iterable then context.terminal[1:] are default arguments.
- If X11 is detected (by the presence of the
DISPLAY
environment variable),x-terminal-emulator
is used. - If tmux is detected (by the presence of the
TMUX
environment variable), a new pane will be opened.
Parameters: Returns: None
-
pwnlib.util.misc.
sh_string
(s)[source]¶ Outputs a string in a format that will be understood by /bin/sh.
If the string does not contain any bad characters, it will simply be returned, possibly with quotes. If it contains bad characters, it will be escaped in a way which is compatible with most known systems.
Examples
>>> print(sh_string('foobar')) foobar >>> print(sh_string('foo bar')) 'foo bar' >>> print(sh_string("foo'bar")) "foo'bar" >>> print(sh_string("foo\\bar")) 'foo\bar' >>> print(sh_string("foo\\'bar")) "foo\\'bar" >>> print(sh_string("foo\x01'bar")) "$( (echo Zm9vASdiYXI=|(base64 -d||openssl enc -d -base64)||echo -en 'foo\x01\x27bar') 2>/dev/null)" >>> print(subprocess.check_output("echo -n " + sh_string("foo\\'bar"), shell=True)) b"foo\\'bar"
-
pwnlib.util.misc.
size
(n, abbriv='B', si=False) → str[source]¶ Convert the length of a bytestream to human readable form.
Parameters: Example
>>> size(451) '451B' >>> size(1000) '1000B' >>> size(1024) '1.00KB' >>> size(1024, si=True) '1.02KB' >>> [size(1024 ** n) for n in range(7)] ['1B', '1.00KB', '1.00MB', '1.00GB', '1.00TB', '1.00PB', '1024.00PB']
-
pwnlib.util.misc.
uniform_strings
(*args) → bytes or str list[source]¶ Returns all arguments casted into the less exclusive string type (bytes or str)
Example
>>> uniform_strings('a', 'b', 'c') ('a', 'b', 'c') >>> uniform_strings('a', b'b', 'c') (b'a', b'b', b'c') >>> uniform_strings(b'a', b'b', b'c') (b'a', b'b', b'c')
-
pwnlib.util.misc.
which
(name, flags=os.X_OK, all=False) → str or str set[source]¶ Works as the system command
which
; searches $PATH forname
and returns a full path if found.If all is
True
the set of all found locations is returned, else the first occurence orNone
is returned.Parameters: Returns: If all is
True
the set of all locations where name was found, else the first location orNone
if not found.Example
>>> which('sh') '/bin/sh'