Module: Pwnlib::Runner

Included in:
Pwn
Defined in:
lib/pwnlib/runner.rb

Overview

This module collects methods for executing code, e.g., assembly code or assembled machine code.

Class Method Summary

Class Method Details

.run_assembly(assembly) ⇒ Pwnlib::Tubes::Process

Given an assembly listing, assemble and execute it.

Parameters:

  • assembly (String)

    Assembly code.

Returns:

  • (Pwnlib::Tubes::Process)

See Also:



# File 'lib/pwnlib/runner.rb', line 23

def run_assembly(assembly)
  run_shellcode(::Pwnlib::Asm.asm(assembly))
end

.run_shellcode(bytes) ⇒ Pwnlib::Tubes::Process

Given assembled machine code bytes, execute them.

Examples:

r = run_shellcode(asm(shellcraft.cat('/etc/passwd')))
r.interact
# [INFO] Switching to interactive mode
# root:x:0:0:root:/root:/bin/bash
# daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
# bin:x:2:2:bin:/bin:/usr/sbin/nologin
# sys:x:3:3:sys:/dev:/usr/sbin/nologin
# sync:x:4:65534:sync:/bin:/bin/sync
# games:x:5:60:games:/usr/games:/usr/sbin/nologin
# [INFO] Got EOF in interactive mode
#=> true

Parameters:

  • bytes (String)

    Assembled code.

Returns:

  • (Pwnlib::Tubes::Process)



# File 'lib/pwnlib/runner.rb', line 47

def run_shellcode(bytes)
  file = ::Pwnlib::Asm.make_elf(bytes, to_file: true)
  at_exit { FileUtils.rm_f(file) if File.exist?(file) }
  ::Pwnlib::Tubes::Process.new(file)
end
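
run_shellcode removes the generated ELF only in an at_exit hook, so the file stays on disk until the Ruby interpreter exits, and every call registers another hook. The following is an added example, not part of pwntools-ruby, showing a scoped alternative that deletes the file as soon as the child finishes. The names write_executable and run_scoped are hypothetical, and a constructed shell script stands in for the ELF that make_elf would produce.

```ruby
require 'open3'
require 'tmpdir'

# Hypothetical stand-in for ::Pwnlib::Asm.make_elf(bytes, to_file: true):
# writes an executable file and returns its path. The body used below is a
# constructed shell script, not an ELF, so the example runs without the gem.
def write_executable(dir, body)
  path = File.join(dir, 'payload')
  # EXCL refuses to reuse an existing file; 0700 keeps it owner-only.
  File.open(path, File::WRONLY | File::CREAT | File::EXCL, 0o700) { |f| f.write(body) }
  path
end

# Scoped counterpart of run_shellcode (hypothetical name). The block form of
# Dir.mktmpdir creates a 0700 directory and removes it when the block ends,
# also when the child fails or an exception is raised, so nothing waits for
# an at_exit hook (which is skipped on SIGKILL or Kernel#exit!).
def run_scoped(body)
  Dir.mktmpdir('runner') do |dir|
    path = write_executable(dir, body)
    # [path, path] is the [command, argv0] form: no shell is involved.
    output, status = Open3.capture2e([path, path])
    { output: output, exit_code: status.exitstatus, path: path }
  end
end

if $PROGRAM_NAME == __FILE__
  result = run_scoped("#!/bin/sh\necho constructed-output\nexit 3\n")
  puts result[:output]
  puts "exit=#{result[:exit_code]} file_left=#{File.exist?(result[:path])}"
end
```

Unlike run_shellcode, this returns captured output rather than an interactive tube, because the file is removed as soon as the child has exited.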