1. Update the system and install basic dependencies
First make sure the system is up to date, then install the necessary build tools and dependency libraries:
sudo apt update && sudo apt upgrade -y
sudo apt install build-essential python3 python3-pip git gdb gdb-multiarch libc6-dbg libffi-dev libssl-dev
2. Install pwntools
pwntools is a powerful Python library for binary exploitation development; we will install it inside a virtual environment:
sudo apt-get install python3-venv
python3 -m venv pwn_env
source pwn_env/bin/activate
pip install --upgrade pip
pip install pwntools
3. Install pwndbg (GDB enhancement)
cd ~
git clone https://github.com/pwndbg/pwndbg
cd pwndbg
./setup.sh
4. Configure the Pwn environment (optional but recommended)
Disable ASLR system-wide while debugging (0), and restore full randomization (2) when you are done:
echo 0 | sudo tee /proc/sys/kernel/randomize_va_space
echo 2 | sudo tee /proc/sys/kernel/randomize_va_space
Add convenience aliases for gdb and pwndbg:
echo "alias gdb='gdb -q'" >> ~/.bashrc
echo "alias pwndbg='gdb -q -ex \"source ~/pwndbg/gdbinit.py\"'" >> ~/.bashrc
source ~/.bashrc
5. Install other commonly used Pwn tools
pip install ropgadget
wget -O ruby-install-0.8.3.tar.gz https://github.com/postmodern/ruby-install/archive/v0.8.3.tar.gz
tar -xzvf ruby-install-0.8.3.tar.gz
cd ruby-install-0.8.3/
sudo make install
ruby-install ruby 3.1.0
echo 'export PATH="$HOME/.rubies/ruby-3.1.0/bin:$PATH"' >> ~/.bashrc
source ~/.bashrc
~/.rubies/ruby-3.1.0/bin/gem install one_gadget
sudo apt install patchelf
sudo apt install binwalk
git clone https://github.com/lieanu/LibcSearcher.git
cd LibcSearcher
python3 setup.py develop
pip3 install capstone
pip3 install filebytes
git clone https://github.com/sashs/ropper.git
Assorted build environment dependencies
sudo dpkg --add-architecture i386
sudo apt install gawk
sudo apt install libc6-dbg libc6-dbg:i386
sudo apt-get install links:i386
sudo apt-get install libstdc++6:i386 libgcc1:i386 zlib1g:i386 libncurses5:i386
sudo apt-get install gcc-multilib g++-multilib
sudo apt-get install libssl-dev libffi-dev build-essential
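As an added check (example script, not part of the original post), the following bash script verifies the environment assembled in the steps above: the tool binaries on PATH, the Python modules inside pwn_env, the pwndbg gdbinit file, and the current ASLR setting. It assumes the paths used in this guide (~/pwn_env and ~/pwndbg); set PWN_ENV or PWNDBG_INIT if yours live elsewhere.

```shell
#!/usr/bin/env bash
# Health check for the Pwn environment described above (added example).
# Assumes the venv and pwndbg paths from the guide; override via PWN_ENV / PWNDBG_INIT.

PWN_ENV="${PWN_ENV:-$HOME/pwn_env}"
PWNDBG_INIT="${PWNDBG_INIT:-$HOME/pwndbg/gdbinit.py}"

# describe_aslr VALUE: label for a /proc/sys/kernel/randomize_va_space value.
describe_aslr() {
  case "$1" in
    0) echo "disabled" ;;
    1) echo "partial (stack, mmap, vdso)" ;;
    2) echo "full (also brk)" ;;
    *) echo "unknown" ;;
  esac
}

# have_tool NAME: succeeds if NAME is an executable on PATH.
have_tool() { command -v "$1" >/dev/null 2>&1; }

# have_py_module MODULE: succeeds if the venv's python can import MODULE.
have_py_module() { "$PWN_ENV/bin/python" -c "import $1" >/dev/null 2>&1; }

# check_env: prints one status line per item; returns the number of missing items.
check_env() {
  local missing=0 item v
  for item in gcc gdb gdb-multiarch patchelf binwalk ROPgadget one_gadget; do
    if have_tool "$item"; then echo "ok       $item"
    else echo "MISSING  $item"; missing=$((missing + 1)); fi
  done
  for item in pwn capstone filebytes LibcSearcher; do
    if have_py_module "$item"; then echo "ok       python: $item"
    else echo "MISSING  python: $item"; missing=$((missing + 1)); fi
  done
  if [ -r "$PWNDBG_INIT" ]; then echo "ok       pwndbg: $PWNDBG_INIT"
  else echo "MISSING  pwndbg: $PWNDBG_INIT"; missing=$((missing + 1)); fi
  if [ -r /proc/sys/kernel/randomize_va_space ]; then
    v=$(cat /proc/sys/kernel/randomize_va_space)
    echo "aslr     $v ($(describe_aslr "$v"))"
    # 0 weakens every process on the machine, not just the binary under study,
    # and a bare write to /proc does not survive a reboot either way.
    if [ "$v" = "0" ]; then
      echo "WARNING  ASLR disabled system-wide; restore with: echo 2 | sudo tee /proc/sys/kernel/randomize_va_space"
    fi
  fi
  return "$missing"
}

check_env || echo "$? item(s) missing; see the MISSING lines above"
```

Run it inside the activated pwn_env shell; a non-zero count means at least one step above did not complete.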
Notes on using the virtual environment
Every time you use the Pwn environment, activate the virtual environment first:
source pwn_env/bin/activate
When you are done, you can leave the virtual environment with the following command: