seclab-ucr / KOOBE

Towards Facilitating Exploit Generation of Kernel Out-Of-Bounds Write Vulnerabilities
MIT License
84 stars 17 forks

Bump pwntools from 4.0.1 to 4.3.1 in /s2e/source/s2e-env #3

Open dependabot[bot] opened 3 years ago

dependabot[bot] commented 3 years ago

Bumps pwntools from 4.0.1 to 4.3.1.

Release notes

Sourced from pwntools's releases.

Release 4.3.1

  • #1732 Fix shellcraft SSTI vulnerability (first major pwntools vuln!)

Release 4.3.0

  • Speed up ELF PLT loading (#1515)
  • Take numbwritten bytes into account in FmtString (#1471)
  • Support opening of new windows in WSL (#1503)
  • #1576 Add executable= argument to ELF.search
  • #1584 Add jmp_esp/jmp_rsp attribute to ROP
  • #1592 Fix over-verbose logging of process() environment
  • #1593 Colorize output of pwn template
  • #1601 Add pwn version command line tool
  • #1605 Add to fiddling.hexdump a way to suppress the total at the end
  • #1613 Permit --password for pwn template
  • #1564 Fix asm() and disasm() for PowerPC64, MIPS64, Sparc64
  • #1621 Permit negative values in flat() and fit()
  • many more

Release 4.3.0beta0

  • Speed up ELF PLT loading (#1515)
  • Take numbwritten bytes into account in FmtString (#1471)
  • Support opening of new windows in WSL (#1503)
  • #1576 Add executable= argument to ELF.search
  • #1584 Add jmp_esp/jmp_rsp attribute to ROP
  • #1592 Fix over-verbose logging of process() environment
  • #1593 Colorize output of pwn template
  • #1601 Add pwn version command line tool
  • #1605 Add to fiddling.hexdump a way to suppress the total at the end
  • #1613 Permit --password for pwn template
  • #1564 Fix asm() and disasm() for PowerPC64, MIPS64, Sparc64
  • #1621 Permit negative values in flat() and fit()

Release 4.2.2

Bugfix release over 4.2.1

Release 4.2.1

#1625 GDB now properly loads executables with QEMU

Release 4.2.0beta0

  • #1436 Add ret2dlresolve automation
  • fecf9f tubes.ssh.process() no longer requires python 2 installed on remote (still requires python, though)
  • Miscellaneous improvements to DynElf and fmtstr leaker (see examples/fmtstr/exploit2.py)
  • #1454 Support for windows console colors

Release 4.1.1

  • Fix PLT resolution by locking unicorn <1.0.2rc4 (#1538)
  • Fix wrong ELF/context unpack handling (c4c11a37)
  • Fix updating of ELF.functions addresses after changing ELF.address #1512 (#1513)

... (truncated)

Changelog

Sourced from pwntools's changelog.

4.3.1

  • #1732 Fix shellcraft SSTI vulnerability (first major pwntools vuln!)

4.3.0

  • #1576 Add executable= argument to ELF.search
  • #1584 Add jmp_esp/jmp_rsp attribute to ROP
  • #1592 Fix over-verbose logging of process() environment
  • #1593 Colorize output of pwn template
  • #1601 Add pwn version command line tool
  • #1605 Add to fiddling.hexdump a way to suppress the total at the end
  • #1613 Permit --password for pwn template
  • #1616 Fix cyclic cli for 64 bit integers
  • #1564 Fix asm() and disasm() for PowerPC64, MIPS64, Sparc64
  • #1621 Permit negative values in flat() and fit()

4.2.1

  • #1625 GDB now properly loads executables with QEMU
  • #1663 Change lookup algorithm of adb.which
  • #1699 Fix broken linux shellcraft templates

4.2.0

  • #1436 Add ret2dlresolve automation
  • fecf9f tubes.ssh.process() no longer requires python 2 installed on remote (still requires python, though)
  • Miscellaneous improvements to DynElf and fmtstr leaker (see examples/fmtstr/exploit2.py)
  • #1454 Support for windows console colors

... (truncated)

Commits
  • 957a5a5 Release 4.3.1
  • 2efb5a0 Merge branch 'issue-1427' into stable
  • 442fede Auto-generated files
  • 138188e Fix pwntools shellcraft SSTI vulnerability
  • 5dfcb53 Apparently python 2 does not have lru_cache.
  • 5db149a Release 4.3.0
  • ddb5798 Merge branch 'stable' into beta
  • f1624dc Release 4.2.2
  • a824e83 Only require changelog if major changes present
  • dff2e80 Fix udp socket server AttributeError (#1706)
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:

  • `@dependabot rebase` will rebase this PR
  • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
  • `@dependabot merge` will merge this PR after your CI passes on it
  • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
  • `@dependabot cancel merge` will cancel a previously requested merge and block automerging
  • `@dependabot reopen` will reopen this PR if it is closed
  • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
  • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
  • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
  • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/seclab-ucr/KOOBE/network/alerts).