3.11.0

3.11.0

• #1044 Enhancements to ROP
  • Much better support for 64-bit Intel (amd64) ROP
  • ROP gadget selection is optimized to favor multi-pops instead of multiple single-pop gadgets
  • Added support for blacklisting byte values in ROP gadget addresses
• #1049 Enhancements to cyclic
  • context now has two additional attributes, cyclic_alphabet and cyclic_length, which correspond to the arguments alphabet and n to cyclic() and cyclic_find() and related routines.
  • The motivation for this change is to allow setting the alphabet globally, so that any padding / patterns generated internally to pwntools can be controlled. The specific motivation is blacklisting values in ROP padding.
• #1052 Enhancements for detecting QEMU_LD_PREFIX used by QEMU user-mode emulation for sysroots
• #1035 Minor documentation changes
• #1032 Enhancements to pwn template
• #1031 More accurate Coredump.fault_addr on amd64
• #1084 Fix broken tests due to ftp.debian.org going down

3.10.0

3.10.0

• #1007 Add support for setting a gdbinit file in the context
• #1055 Fixes for Corefile stack parsing, speed up ELF.string()
• #1057 Fix a variable name typo in DynELF logging which results in an exception being thrown
• #1058 Fix an edge case in ssh_process.exe

3.9.2

3.9.2

• #1043 Do not attempt to populate the libraries used by statically-linked binaries

3.9.1

3.9.1

• #1038 Fix an issue with process() where glibc would buffer data internally, causing a hang on select()
• #1036 Fix Travis CI logging verbosity
• #1029 Fix some unicode issues when using the readline command history in tube.interactive()

3.9.0

3.9.0

• #1003 Make concat_all faster while also simplifying it's logic
• #1014 Fix for overwritten env when parsing core file
• #1023 Fixes to Travis CI

3.8.0

3.8.0

• #981 Fixed RELRO detection logic
• #986 Enhancements to DynELF for controlling usage of LibcDB
• A few documentation fixes
• A few fixes for the Docker image

3.7.1

3.7.1

• #998 Fix a bug where integer values could not be set in .pwn.conf.

3.7.0

3.7.0

• #933 DynELF works better with different base addresses
• #952 A few small fixes were made to pwn template, and the CRC database was updated.
• 5c72d62c Updated the CRC database

3.6.1

3.6.1

• #979+1a4a1e1 Fixed #974, a bug related to the terminal handling and numlock.
• #980 Fixed the pwn template command.

3.6.0

3.6.0

• #895 Added a Dockerfile to simplify testing setup and allow testing on OSX
• #897 Fixed some incorrect AArch64 syscals
• #893 Added the pwnlib.config module
  • Configuration options can now be set in ~/.pwn.conf
  • This replaces the old, undocumented mechanism for changing logging colors. Only @br0ns and @ebeip90 were likely using this.
  • More information is available in the documentation here.
• #899 Pwntools now uses Unicorn Engine to emulate PLT instructions to ensure correct mapping of PIE / RELRO binaries.
• #904 Enhancements to the accuracy of the pwn checksec command.
• #905 Added a pwn debug command-line utility which automates the process of gdb.attach(process(...)) to spawn GDB
  • More information is available in the documentation here
• #919 Added a pwn template command-line utility to simplify the process of bootstrapping a new exploit.
  • More information is available in the documentation here.
• #948 Fix unnecessary warning for Core files
• #954 Fix list processing in ~/.pwn.conf
• #967 Respect TERM_PROGRAM for run_in_new_terminal
• #970 Fix overly-aggressive corefile caching