# PwnTools
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:
* If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF**, check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
* Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
* Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
```
pip3 install pwntools
```
## Pwn asm
Get **opcodes** from a line or a file.
```
pwn asm "jmp esp"
pwn asm -i <filepath>
```
**Can select:**
* output type (raw, hex, string, elf)
* output file context (16, 32, 64, linux, windows...)
* bytes to avoid (new lines, null, a list)
* select an encoder, debug the shellcode using gdb, run the output
## **Pwn checksec**
Checksec script
```
pwn checksec <executable>
```
## Pwn constgrep
## Pwn cyclic
Get a pattern
```
pwn cyclic 3000
pwn cyclic -l faad
```
**Can select:**
* The alphabet used (lowercase characters by default)
* Length of the unique pattern (default 4)
* Context (16,32,64,linux,windows...)
* Take the offset (-l)
## Pwn debug
Attach GDB to a process
```
pwn debug --exec /bin/bash
pwn debug --pid 1234
pwn debug --process bash
```
**Can select:**
* By executable, by name or by pid; context (16,32,64,linux,windows...)
* gdbscript to execute
* sysroot path
## Pwn disablenx
Disable NX on a binary
```
pwn disablenx <filepath>
```
## Pwn disasm
Disassemble hex opcodes
```
pwn disasm ffe4
```
**Can select:**
* context (16,32,64,linux,windows...)
* base address
* color (default)/no color
## Pwn elfdiff
Print the differences between 2 files
```
pwn elfdiff <file1> <file2>
```
## Pwn hex
Get the hexadecimal representation
```bash
pwn hex hola #Get hex of "hola" ascii
```
## Pwn phd
Get a hexdump
```
pwn phd <file>
```
**Can select:**
* Number of bytes to show
* Number of bytes per line, highlight byte
* Skip bytes at the beginning
## Pwn pwnstrip
## Pwn scramble
## Pwn shellcraft
Get shellcodes
```
pwn shellcraft -l #List shellcodes
pwn shellcraft -l amd #Shellcode with amd in the name
pwn shellcraft -f hex amd64.linux.sh #Output the shellcode as hex
pwn shellcraft -r amd64.linux.sh #Run to test. Get shell
pwn shellcraft -r amd64.linux.bindsh 9095 #Bind SH to port
```
**Can select:**
* shellcode and arguments for the shellcode
* Out file
* output format
* debug (attach dbg to the shellcode)
* before (debug trap before the code)
* after
* avoid using opcodes (default: not null and new line)
* Run the shellcode
* Color/no color
* list syscalls
* list possible shellcodes
* Generate ELF as a shared library
## Pwn template
Get a Python template
```
pwn template
```
**Can select:** host, port, user, pass, path and quiet
## Pwn unhex
From hex to string
```
pwn unhex 686f6c61
```
## Pwn update
To update pwntools
```
pwn update
```