integeruser · July 6, 2019 16:00
diff --git a/wrapper.py b/wrapper.py
 #!/usr/bin/python2
 def exploit():
    payload = '\xde\xad\xbe\xef'
    return payload

 # Usage: in gdb, execute `set exec-wrapper ./wrapper.py`

 # Set arguments and environment variables for the program
 # arg0 (real path of the executable to run) is set automatically
 args = ['arg1', exploit(), 'arg3']
 env = ['VAR1=VALUE1']

 if __name__ == '__main__':
    import sys
    if len(sys.argv) != 2:
        print('Usage %s executable' % sys.argv[0])
        sys.exit(1)

    executable = sys.argv[1]

    import os
    path = os.path.realpath(executable)

    from ctypes import cdll, c_char_p, cast
    from ctypes.util import find_library

    args = [path] + args + [None]
    argp = (c_char_p * len(args))()
    for i, arg in enumerate(args):
        argp[i] = cast(arg, c_char_p)

    env += [None]
    envp = (c_char_p * len(env))()
    for i, var in enumerate(env):
        envp[i] = cast(var, c_char_p)

    libc = cdll.LoadLibrary(find_library('c'))
    libc.execve(path, argp, envp)
	#!/usr/bin/python2
	def exploit():
	payload = '\xde\xad\xbe\xef'
	return payload

	# Usage: in gdb, execute `set exec-wrapper ./wrapper.py`

	# Set arguments and environment variables for the program
	# arg0 (real path of the executable to run) is set automatically
	args = ['arg1', exploit(), 'arg3']
	env = ['VAR1=VALUE1']

	if __name__ == '__main__':
	import sys
	if len(sys.argv) != 2:
	print('Usage %s executable' % sys.argv[0])
	sys.exit(1)

	executable = sys.argv[1]

	import os
	path = os.path.realpath(executable)

	from ctypes import cdll, c_char_p, cast
	from ctypes.util import find_library

	args = [path] + args + [None]
	argp = (c_char_p * len(args))()
	for i, arg in enumerate(args):
	argp[i] = cast(arg, c_char_p)

	env += [None]
	envp = (c_char_p * len(env))()
	for i, var in enumerate(env):
	envp[i] = cast(var, c_char_p)

	libc = cdll.LoadLibrary(find_library('c'))
	libc.execve(path, argp, envp)