pwnenv is a series of docker containers that I made, which allow you to run and debug linux binaries with the desired libc.
- Switched out the 3 containers for 1
- Updated vimrc and zshrc
- Removed non privilaged user (everything happens with the root user)
This started as a fork of pwndocker by skysider
- zsh / tmux
- Custom pwntools templates for x86, x86-64, arm
- gdb with gef, pwndbg, peda (Article from Andreas Pogiatzis)
- one_gadget
- seccomp-tools
- reutils
- ropper
- ROPGadget
- main_arena_offset
- heap_inspect
- and many more
# Download From DockerHub
docker pull christoss/pwnenv
# or Bulding From Dockerfile
docker build -t <container-name> .I set this up so the containers can be started from anywhere. The run scripts automatically mount the current directory in the container.
I added the following code to the $PROFILE of powershell, so it creates this function (
pwnenv) when I open a new PS window.
$pwnenv = "<path-to-the-run-folder>"
function pwnenv ($arguments) {
& $pwnenv/run.ps1 $arguments
}Now just restart powershell, go to the woking directory and type pwnenv
For linux I do it by having the following two functions in the zshrc/bashrc file:
function checkContainerRunning() {
docker container ls -q -f name="$1"
}
function pwnenv() {
if [ $(checkContainerRunning "pwnenv") ]; then
docker exec -it pwnenv zsh
else
docker run --net=host --cap-add=SYS_PTRACE --security-opt seccomp=unconfined -it --rm --name "pwnenv" -v "$(pwd)":/root/data "pwnenv"
fi
}This starts up the container if it is not running or executes bash if it is.