vagd.virts.pwngd

Classes

Pwngd

start binary on remote and return pwnlib.tubes.process.process

Module Contents

class vagd.virts.pwngd.Pwngd(binary: str, libs=False, files: str | list[str] = None, packages: List[str] = None, symbols=True, tmp: bool = False, gdbsrvport: int = -1, root: bool = False, fast: bool = False, ex: bool = False)

Bases: abc.ABC

start binary on remote and return pwnlib.tubes.process.process

Parameters:
  • binary – binary for VM debugging

  • libs – download libraries (using ldd) from VM

  • files – other files or directories that need to be uploaded to VM

  • packages – packages to install on vm

  • symbols – additionally install libc6 debug symbols

  • tmp – if a temporary directory should be created for files

  • gdbsrvport – specify static gdbserver port, REQUIRES port forwarding to localhost

  • fast – mounts libs locally for faster symbol extraction (experimental)

  • ex – if experimental features should be enabled

LOCAL_DIR = './.vagd/'
HOME_DIR
SYSROOT
LOCKFILE
KEYFILE
PUBKEYFILE
DEFAULT_PORT = 2222
STATIC_GDBSRV_PORT = 42069
is_new: bool = False
_path: str
_gdbsrvport: int
_binary: str
_ssh: pwnlib.tubes.ssh.ssh
_experimental: bool
_fast: bool
abstract _vm_setup() -> None

setup vagrant machine; creates a new one if no Vagrantfile is specified or the box does not match

abstract _ssh_setup() -> None

setup ssh connection

_sync(file: str) -> bool

upload file on remote if it does not exist

Parameters:

file – file to upload

Returns:

if the file was uploaded

_SSHFS_TEMPLATE = 'sshfs -p {port} -o StrictHostKeyChecking=no,ro,IdentityFile={keyfile}...
_mount(remote_dir: str, local_dir: str) -> None

mount remote dir on local with sshfs

Parameters:
  • remote_dir – directory on remote to mount

  • local_dir – local mount point

_lock(typ: str)
_mount_root(remote_lib: str = '/') -> None

mount the lib directory of remote

system(cmd: str) -> pwnlib.tubes.ssh.ssh_channel

executes command on vm, interface to pwnlib.tubes.ssh.ssh.system

Parameters:

cmd – command to execute on vm

Returns:

returns

DEFAULT_PACKAGES = ['gdbserver', 'python3', 'sudo']
LIBC6_DEBUG = 'libc6-dbg'
LIBC6_I386 = 'libc6-i386'
_install_packages(packages: Iterable)

install packages on remote machine

Parameters:

packages – packages to install on remote machine

put(file: str, remote: str = None)

upload file or dir on vm

Parameters:
  • file – file to upload

  • remote – remote location of file, working directory if not specified

Returns:

returns

pull(file: str, local: str = None)

download file or dir from vm

Parameters:
  • file – remote location of file, working directory if not specified

  • local – local location of file, current directory if not specified

Returns:

returns

LIBS_DIRECTORY = 'libs'
libs(directory=None)

Downloads the libraries referred to by a file. This is done by running ldd on the remote server, parsing the output and downloading the relevant files.

Parameters:

directory (str) – Output directory
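The parsing step that libs() describes, as an added example (not vagd's own code): it turns ldd output into the files to download and reports libraries the loader could not resolve. The name parse_ldd and the sample output are assumptions constructed for illustration.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample of `ldd ./binary` output (not captured from a real VM).
SAMPLE_LDD = """\
\tlinux-vdso.so.1 (0x00007ffd0a5f2000)
\tlibfoo.so.1 => not found
\tlibc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f1c2a200000)
\t/lib64/ld-linux-x86-64.so.2 (0x00007f1c2a5d3000)
"""

# "soname => /abs/path (0xaddr)" or "soname => not found"
_ARROW = re.compile(r"^(?P<name>\S+) => (?P<path>.+?)(?: \(0x[0-9a-fA-F]+\))?$")
# "/abs/path (0xaddr)", the form used for the dynamic loader
_BARE = re.compile(r"^(?P<path>/\S+) \(0x[0-9a-fA-F]+\)$")


def parse_ldd(output: str) -> Tuple[Dict[str, str], List[str]]:
    """Return ({soname: absolute path}, [sonames ldd could not resolve])."""
    found: Dict[str, str] = {}
    missing: List[str] = []
    for raw in output.splitlines():
        line = raw.strip()
        if not line or line in ("statically linked", "not a dynamic executable"):
            continue
        m = _ARROW.match(line)
        if m:
            if m["path"] == "not found":
                missing.append(m["name"])
            elif m["path"].startswith("/"):
                found[m["name"]] = m["path"]
            continue
        m = _BARE.match(line)
        if m:  # dynamic loader, printed by absolute path only
            path = m["path"]
            found[path.rsplit("/", 1)[-1]] = path
        # anything else (e.g. linux-vdso, which has no file on disk) is skipped
    return found, missing


if __name__ == "__main__":
    libs, unresolved = parse_ldd(SAMPLE_LDD)
    print(libs, unresolved)
```

Running ldd inside the VM rather than on the host matters for untrusted binaries: the ldd man page warns that some versions may obtain dependency information by executing the program being inspected.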

debug(argv: list[str] = None, exe: str = '', env: Dict[str, str] = None, ssh=None, gdbscript: str = '', api: bool = False, sysroot: str = None, gdb_args: list[str] = None, **kwargs) -> pwnlib.tubes.process

run binary in vm with gdb and experimental features

Parameters:
  • argv – command line arguments

  • exe – exe to execute

  • env – environment variable dictionary

  • ssh – ignored, self._ssh is used instead

  • gdbscript – used gdbscript

  • api – return gdb python api interface

  • sysroot – sysroot directory

  • gdb_args – additional gdb arguments

  • kwargs – pwntools arguments

Return type:

pwnlib.tubes.process.process

pwn_debug(argv: list[str] = None, ssh=None, **kwargs) -> pwnlib.tubes.process.process

run binary in vm with gdb (pwnlib feature set)

Parameters:
  • argv – commandline arguments for binary

  • ssh – ignored, self._ssh is used instead

  • kwargs – pwntools parameters

Returns:

pwntools process

process(argv: list[str] = None, **kwargs) -> pwnlib.tubes.process.process

run binary in vm as process

Parameters:
  • argv – commandline arguments for binary

  • kwargs – pwntools parameters

Returns:

pwntools process

start(argv: list[str] = None, gdbscript: str = '', api: bool = None, sysroot: str = None, gdb_args: list = None, **kwargs) -> pwnlib.tubes.process.process

start binary on remote and return pwnlib.tubes.process.process

Parameters:
  • argv – commandline arguments for binary

  • gdbscript – GDB script for GDB

  • api – if GDB API should be enabled (experimental)

  • sysroot – sysroot dir (experimental)

  • gdb_args – extra gdb args (experimental)

  • kwargs – pwntools parameters

Returns:

pwntools process; if api=True, a tuple with the gdb api