当电脑建立相关环境遇到一些麻烦后,如何重新快速搭建pwn相关的linux环境是个重要的问题,写篇博客给自己记一下
1.设置root密码
# set a password for the root account
sudo passwd root
2.安装pip
# python-pip is the Python 2 pip package; newer Debian/Ubuntu releases only
# ship python3-pip, so substitute that name if this package is not found
sudo apt-get install python-pip
3.安装pwntools
# install pwntools with the pip set up in the previous step
pip install pwntools
4.转储ida server(方便ida远程调试)
5.安装LibcSearcher
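git clone https://github.com/lieanu/LibcSearcher.git
# setup.py lives inside the cloned directory, so enter it before installing;
# running the install from the parent directory fails to find setup.py
cd LibcSearcher
sudo python setup.py install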
6.安装peda
git clone https://github.com/longld/peda.git ~/peda
# gdb loads peda because this "source" line is appended to ~/.gdbinit
echo "source ~/peda/peda.py" >> ~/.gdbinit
7.安装gef
# gef.sh is piped straight from the network into sh, so it runs without being
# looked at; to inspect it first, save it with "-O gef.sh", read it, then run it
wget -q -O- https://github.com/hugsy/gef/raw/master/gef.sh | sh
# gef.py is stored as ~/.gdbinit-gef.py; the gef entry in gdb.sh below must
# point at this same file (it currently uses an absolute /home/hu/... path)
wget -q -O ~/.gdbinit-gef.py https://github.com/hugsy/gef/raw/master/gef.py
# unquoted on purpose: the words contain no shell metacharacters
echo source ~/.gdbinit-gef.py >> ~/.gdbinit
8.安装pwndbg
git clone https://github.com/pwndbg/pwndbg
# pwndbg ships its own installer; it has to be run from inside the checkout
cd pwndbg
./setup.sh
9.建立gdb插件管理工具gdb.sh
# create gdb.sh; its contents are the script that follows, up to the gdb line
vim gdb.sh
#!/bin/bash
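#######################################
# Replace the plugin "source" line in .gdbinit with the one for the chosen
# debugger extension.
# Globals:   GDBINIT_FILE (read, optional) - overrides the .gdbinit path
# Arguments: $1 - mode: 1 = peda, 2 = gef, anything else = pwndbg
# Outputs:   a confirmation message on stdout; an error on stderr when the
#            marker line is missing
# Returns:   0 on success, 1 when the marker line is not found (file untouched)
#######################################
Mode_change() {
  local name=$1
  # The file gdb reads at start-up; set GDBINIT_FILE to manage another file.
  local gdbinitfile=${GDBINIT_FILE:-"$HOME/.gdbinit"}
  # One "source" line per plugin -- adjust these paths to your own install
  # locations. The ~ is deliberately left unexpanded: gdb expands it itself.
  local peda="source ~/peda/peda.py"
  local gef="source ~/.gdbinit-gef.py"
  local pwndbg="source ~/pwndbg/gdbinit.py"
  # This marker must appear verbatim in your .gdbinit; the managed plugin line
  # is the one two lines below it (marker, one free line, plugin line).
  local marker="#this place is controled by user's shell"
  local sign
  # -m 1 takes only the first match; -F because the marker is a literal string.
  sign=$(grep -n -m 1 -F -- "$marker" "$gdbinitfile")
  if [ -z "$sign" ]; then
    # Without this guard an empty line number would make sed edit line 2.
    printf 'Marker "%s" not found in %s; nothing changed.\n' "$marker" "$gdbinitfile" >&2
    return 1
  fi
  # grep -n prints "N:line"; keep just N.
  local number=${sign%%:*}
  local location=$(( number + 2 ))
  local source_line tool
  case "$name" in
    1) source_line=$peda;   tool=peda ;;
    2) source_line=$gef;    tool=gef ;;
    *) source_line=$pwndbg; tool=pwndbg ;;
  esac
  # Delete the old plugin line, then insert the new one at the same position.
  # "Ni text" is the GNU sed one-line form of the insert command.
  sed -i "${location}d" "$gdbinitfile"
  sed -i "${location}i ${source_line}" "$gdbinitfile"
  printf 'Please enjoy the %s!\n\n' "$tool"
}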
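# Interactive entry point: ask which plugin to use, rewrite .gdbinit through
# Mode_change, then start gdb. An invalid choice prints an error but gdb is
# still launched with the file as it was.
printf 'Please choose one mode of GDB?\n1.peda 2.gef 3.pwndbg\n'
# -r keeps backslashes in the answer literal.
read -r -p "Input your choice:" num
case "$num" in
  1|2|3) Mode_change "$num" ;;
  *) printf 'Error!\nPlease input right number!\n' ;;
esac
# "$@" forwards every script argument unchanged; the old $1..$9 list dropped
# any argument past the ninth and split arguments that contained spaces.
gdb "$@"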
将gdb.sh放到PATH包含的目录里,并把相关文件的所有者改为普通用户
# show the directories searched for commands; gdb.sh goes into one of them
echo $PATH
# placeholders: 普通用户 is your unprivileged user name, 文件夹名 is the
# directory holding gdb.sh; this hands its ownership to that user
sudo chown 普通用户 文件夹名
10.安装one_gadget
# one_gadget is distributed as a Ruby gem, so ruby and gem must be present
gem install one_gadget
代码参考了很多大佬的博客