Closed ihsinme closed 2 years ago
Corefile makes sense only if a deadly core-dropping signal arrives to the process (the core file preserves the death state), or if it is still alive (the core file preserves a snapshot of the process state). If the process has terminated, it does not exist, so its state cannot be captured.
I am not sure what your expectations are in this case, and what do you need the core file for. Nevertheless, this /sbin/crash_reporter thing is not supported by pwntools, so even if your ls
process crashed, we have no idea what colab does with core files.
EDIT: see signal(7)
manpage.
Thank you for your prompt response.
so pwntools doesn't work with colab kernel files?
It does work with colab, but what is not supported is two things: capturing a core file of an exited process (anywhere), and capturing a core file of a crashed process on colab. Pwntools is a tool kit, and only this single tool does not work: you need to work this around either by capturing a core file of an alive process, or by changing the core_pattern from |/sbin/crash_reporter
to core
, or finally by not using core files inspection at all.
In most cases when the actual exploitation happens, you do not have access to core files dropped by incorrect exploitation attempts anyway (suid launches or only I/O remote access), so your final exploit should not rely on the corefile functionality.
EDIT: what is it you want to acheive? What do you actually want to happen?
thanks for the answer.
I want to use the simple example from article https://mudongliang.github.io/2021/05/11/use-pwntools-for-your-exploits.html, make a sample collab notebook and start learning about your tool.
thanks
thanks
if the use cases pwntools in colab