A process is the main way you interact with something in pwntools, and starting one is easy.

You can also start remote processes and connect to sockets using remote.

The power of pwntools is incredibly simple communication with your processes.

p.send(data)
Sends data to the process. Data can either be a string or a bytes-like object - pwntools handles it all for you.

p.sendline(data)
Sends data to the process, followed by a newline character \n. Some programs require the \n to take in the input (think about how you need to hit the enter key to send the data with nc) while others don't.

p.sendline(data) is equivalent to p.send(data + '\n').

An incorrect number of these may cause your exploit to stall when there's nothing wrong with it. This should be the first thing you check. If you're uncertain, use p.clean() instead.

p.recv(numb)
Receives numb bytes from the process.

p.recvuntil(delimiter, drop)
Receives all the data until it encounters the delimiter, after which it returns the data. If drop is True then the returned data does not include the delimiter.

p.recvline(keepends)
Essentially equivalent to p.recvuntil('\n', drop=not keepends). Receives up until a \n is reached, then returns the data including the \n if keepends is True.

p.clean(timeout)
Receives all data for timeout seconds and returns it. Another similar function is p.recvall(), but this regularly takes far too long to execute so p.clean() is much better.

All receiving functions take a timeout parameter in addition to the other parameters listed.

For example, p.recv(numb=16, timeout=1) will execute, but if numb bytes are not received within timeout seconds, the data is buffered for the next receiving function and an empty string '' is returned.