vagd.virts
Submodules
Classes
local execution of binary |
|
ssh interface for pwntools |
|
Package Contents
- class vagd.virts.Dogd(binary: str, image: str = DEFAULT_IMAGE, user: str = DEFAULT_USER, forward: Dict[str, int] = None, packages: List[str] = None, symbols=True, rm=True, ex: bool = False, fast: bool = False, alpine: bool = False, **kwargs)
Bases:
vagd.virts.shgd.ShgdDocker virtualization for pwntools- Parameters:
binary – binary to execute
image – docker base image
user – name of user on docker container
forward – Dictionary of forwarded ports, needs to follow docker api format: ‘hostport/(tcp|udp)’ : guestport
packages – packages to install on the container
symbols – additionally install libc6 debug symbols (also updates libc6)
ex – if experimental features, e.g. alpine, gdbserver should be enabled
rm – remove container after exit
alpine – if the conainter is alpine (also autochecks image name)
fast – mounts libs locally for faster symbol extraction (experimental) NOT COMPATIBLE WITH ALPINE
kwargs – parameters to pass through to super
SSH from cmdvagd ssh # or ssh -o "StrictHostKeyChecking=no" -i ~/.share/local/vagd/keyfile -p $(cut .vagd/docker.lock -d":" -f 2) vagd@0.0.0.0
connect with docker execdocker exec -it $(cut ./.vagd/docker.lock -d":" -f 1) /bin/bash
Kill from cmd:vagd clean #or docker kill $(cut ./.vagd/docker.lock -d":" -f 1)
Docker containers are automatically removed after they stopDocker images need to be manually removed from dockerDockerfiles are stored in home directory to allow caching ~/.share/local/vagd/docker/<image>/Dockerfiledocker images # list images docker rmi <id> # remove correct image
- _image: str
- _name: str
- _user: str
- _port: int
- _packages: List[str]
- _client: docker.client
- _id: str
- _dockerdir: str
- _dockerfile: str
- _isalpine: bool
- _gdbsrvport: int
- _rm: bool
- _ex: bool
- _forward: Dict[str, int]
- _symbols: bool
- VAGD_PREFIX = 'vagd-'
- TYPE = 'dogd'
- DOCKERHOME
- DEFAULT_USER = 'vagd'
- DEFAULT_PORT = 2222
- DEFAULT_IMAGE
- DEFAULT_PACKAGES
- LOCKFILE
- _create_dockerfile()
- _create_docker_instance()
- _build_image()
- _vm_create()
- _vm_setup() None
pass
- class vagd.virts.Logd(binary: str, **kwargs)
Bases:
vagd.virts.pwngd.Pwngdlocal execution of binary
- Parameters:
binary – binary to execute
- _binary: str
- _vm_setup() None
NOT IMPLEMENTED
- _ssh_setup() None
NOT IMPLEMENTED
- _sync(file: str) None
NOT IMPLEMENTED
- _mount(remote_dir: str, local_dir: str) None
NOT IMPLEMENTED
- _mount_lib(remote_lib: str = '/usr/lib') None
NOT IMPLEMENTED
- system(cmd: str) None
NOT IMPLEMENTED
- _install_packages(packages: Iterable)
NOT IMPLEMENTED
- put(file: str, remote: str = None)
NOT IMPLEMENTED
- debug(**kwargs) pwnlib.tubes.process.process
run binary with gdb locally :param kwargs: pwntool arguments :rtype: pwnlib.tubes.process.process
- pwn_debug(argv: list[str] = None, **kwargs) pwnlib.tubes.process.process
run binary with gdb locally :param argv: comandline arguments for binary :param kwargs: pwntool arguments :rtype: pwnlib.tubes.process.process
- process(argv: list[str] = None, **kwargs) pwnlib.tubes.process.process
run binary locally :param argv: comandline arguments for binary :param kwargs: pwntool parameters :return: pwntools process
- start(argv: list[str] = None, gdbscript: str = '', api: bool = None, **kwargs) pwnlib.tubes.process.process
start binary locally and return pwnlib.tubes.process.process :param argv: commandline arguments for binary :param gdbscript: GDB script for GDB :param api: if GDB API should be enabled (experimental) :param kwargs: pwntool parameters :return: pwntools process, if api=True tuple with gdb api
- class vagd.virts.Qegd(binary: str, img: str = DEFAULT_IMG, user: str = DEFAULT_USER, forward: Dict[str, int] = None, packages: List[str] = None, arm: bool = False, qemu: str = DEFAULT_QEMU_CMD, cpu: str = DEFAULT_QEMU_CPU, memory: str = DEFAULT_QEMU_MEMORY, machine: str = DEFAULT_QEMU_MACHINE, cores: str = DEFAULT_QEMU_CORES, bios: str = None, detach: bool = False, custom: str = '', **kwargs)
Bases:
vagd.virts.shgd.ShgdQEMU Virtualization for pwntools- Parameters:
binary – binary for VM debugging
img – qemu image to use (requires ssh)
user – user inside qemu image
ports – forwarded ports
packages – packages to install on vm
arm – emulate arm in qemu
qemu – qemu cmd
cpu – value for :code -cpu
memory – value for :code -m
cores – value for :code -smp
machine – value for :code -machine
bios – value for :code -bios
custom – custom qemu arguments
detach – run qemu in new terminal
kwargs – parameters to pass through to super
SSH from cmdvagd ssh # or ssh -o "StrictHostKeyChecking=no" -i ~/.share/local/vagd/keyfile -p $(cat .vagd/qemu.lock) ubuntu@0.0.0.0
Kill from cmd:vagd clean # or kill $(pgrep qemu)
Qemu images are cached in the home directory:~/.share/local/vagd/qemu-imgs/current used images are stored in the local directory:./.vagd/current.imgThese should be deleted automatically, but if a machine gets improperly stopped(shutdown host while vm is running) it might remain and use up space. You can find remaining images with:find ~/ -name current.img rm <path/current.img>
- DEFAULT_IMG
- QEMU_DIR
- IMGS_DIR
- DEFAULT_USER = 'vagd'
- DEFAULT_HOST = '0.0.0.0'
- TYPE = 'qegd'
- DEFAULT_PORT = 2222
- DEFAULT_QEMU_CMD = 'qemu-system-x86_64'
- DEFAULT_QEMU_ARM_CMD = 'qemu-system-aarch64'
- DEFAULT_QEMU_MACHINE_PREFIX = '-machine'
- DEFAULT_QEMU_MACHINE = 'accel=kvm,type=q35'
- DEFAULT_QEMU_ARM_MACHINE = 'virt'
- DEFAULT_QEMU_CPU_PREFIX = '-cpu'
- DEFAULT_QEMU_CPU = 'host'
- DEFAULT_QEMU_ARM_CPU = 'cortex-a72'
- DEFAULT_QEMU_CORES_PREFIX = '-smp'
- DEFAULT_QEMU_CORES = '2'
- DEFAULT_QEMU_BIOS_PREFIX = '-bios'
- DEFAULT_QEMU_ARM_BIOS = '/usr/share/edk2/aarch64/QEMU_EFI.fd'
- DEFAULT_QEMU_MEMORY_PREFIX = '-m'
- DEFAULT_QEMU_MEMORY = '2G'
- _img: str
- _local_img: str
- _user: str
- _host: str
- _port: int
- _forward: Dict[str, int]
- _qemu: str
- _cpu: str
- _cores: str
- _memory: str
- _bios: str
- _machine: str
- _detach: bool
- _custom
- static _is_local(url) bool
check if provided url is local or remote :param url: url to check :return: if the url is local or remote
- CURRENT_IMG
- _set_local_img()
get local image for qemu machine
- METADATA_FILE
- _METADATA = Multiline-String
Show Value
"""instance-id: iid-local01 local-hostname: cloudimg """
- USER_DATA_FILE
- _USER_DATA = Multiline-String
Show Value
"""#cloud-config users: - default - name: {user} groups: sudo shell: /bin/bash sudo: ['ALL=(ALL) NOPASSWD:ALL'] ssh_authorized_keys: - {pubkey} """
- SEED_FILE
- _GENERATE_SEED_IMG
- _setup_seed()
create seed.img with config data like ssh keypair in .qemu
- _QEMU_PORT_FORWARDING = ',hostfwd={type}::{guest}-:{host}'
- _QEMU_START
- _QEMU_PIPE = '&> /dev/null; '
- _QEMU_SUFFIX = 'rm {lock} {current}'
- _QEMU_ARM_START = ''
- LOCKFILE
- _qemu_start()
start qemu machine
- _new_vm() None
create new vm
- _vm_setup() None
setup qemu machine
- class vagd.virts.Shgd(binary: str, user: str = DEFAULT_USER, host: str = DEFAULT_HOST, port: int = DEFAULT_PORT, keyfile: str = Pwngd.KEYFILE, **kwargs)
Bases:
vagd.virts.pwngd.Pwngdssh interface for pwntools
- Parameters:
binary – binary to execute
user – ssh user
host – ssh hostname
port – ssh port
keyfile – ssh keyfile (default in .vagd)
kwargs – parameters to pass through to super
- DEFAULT_HOST = 'localhost'
- DEFAULT_PORT = 22
- DEFAULT_USER = 'root'
- _user: str
- _host: str
- _port: int
- _keyfile: str
- _ssh: pwnlib.tubes.ssh.ssh
- bind(port: int) int
bind port from ssh connection locally :param port: :return:
- _vm_setup() None
pass
- _TRIES = 3
- _ssh_setup() None
setup ssh connection
- class vagd.virts.Vagd(binary: str, vagrantfile: str = VAGRANTFILE_PATH, vbox: str = None, packages: List[str] = None, **kwargs)
Bases:
vagd.virts.shgd.ShgdVagrant Virtualization for pwntools- Parameters:
binary – binary for VM debugging
vbox – vagrant box to use
vagrantfile – location of Vagrantfile
packages – packages to install on vm
kwargs – arguments to pass through to super
SSH from cmd:vagd ssh # or VAGRANT_CWD=.vagd vagrant ssh
halt from cmdVAGRANT_CWD=.vagd vagrant halt
destroy from cmdvagd clean # or VAGRANT_CWD=.vagd vagrant destroy
- VAGRANTFILE_PATH
- VAGRANTFILE_BOX = 'config.vm.box'
- VAGRANT_BOX
- KEYFILE
- TYPE = 'vagd'
- _box: str
- _vagrantfile: str
- _v: object
- _get_box() str
returns box of current vagrantfile @:rtype box name of Vagrantfile
- _vm_setup() None
setup vagrant machine creates new one if no Vagrantfile is specified or box does not match