Closed peace-maker closed 9 months ago
We could use the `pwnlib.filesystem` abstraction to look for the files on the ssh server too, but I see even more potential in automatically grabbing the used libc from the remote wherever it is instead. That can be done in a separate PR.
When the `args.exe` or `args.libc` arguments are missing, look for the files in the current working directory. This allows you to quickly get a template by just running `pwn template` (and maybe `--host` + `--port` for remote instances) and have the arguments filled in automatically. Less typing - more pwning!

This is inspired by https://github.com/io12/pwninit
Related #2276