MCPcopy
hub / github.com/Gallopsled/pwntools / libc

Method libc

pwnlib/dynelf.py:488–516  ·  view source on GitHub ↗

libc(self) -> ELF Leak the Build ID of the remote libc.so, download the file, and load an ``ELF`` object with the correct base address. Returns: An ELF object, or None.

(self)

Source from the content-addressed store, hash-verified

486
487 @property
488 def libc(self):
489 """libc(self) -> ELF
490
491 Leak the Build ID of the remote libc.so, download the file,
492 and load an ``ELF`` object with the correct base address.
493
494 Returns:
495 An ELF object, or None.
496 """
497 libc = b'libc.so'
498
499 with self.waitfor('Downloading libc'):
500 dynlib = self._dynamic_load_dynelf(libc)
501
502 self.status("Trying lookup based on Build ID")
503 build_id = dynlib._lookup_build_id(libc)
504
505 if not build_id:
506 return None
507
508 self.status("Trying lookup based on Build ID: %s" % build_id)
509 path = libcdb.search_by_build_id(build_id)
510
511 if not path:
512 return None
513
514 libc = ELF(path)
515 libc.address = dynlib.libbase
516 return libc
517
518 def lookup (self, symb = None, lib = None):
519 """lookup(symb = None, lib = None) -> int

Callers

nothing calls this directly

Calls 5

waitforMethod · 0.95
_dynamic_load_dynelfMethod · 0.95
statusMethod · 0.95
ELFClass · 0.90
_lookup_build_idMethod · 0.80

Tested by

no test coverage detected