Merge branch 'dev' into pyinstaller

.github/workflows/docker.yml

@@ -13,40 +13,40 @@ jobs:
     steps:
       # Required for subdirectories in Git context
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
 
       - name: Login to Docker Hub
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_PASSWORD }}
 
       - name: Build and push base image
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
         if: github.event_name == 'workflow_dispatch'
         with:
           context: "{{defaultContext}}:extra/docker/base"
           push: true
           tags: pwntools/pwntools:base
 
       - name: Build and push stable image
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
         if: github.event_name == 'workflow_dispatch' || (github.event_name == 'push' && github.ref == 'refs/heads/stable')
         with:
           context: "{{defaultContext}}:extra/docker/stable"
           push: true
           tags: pwntools/pwntools:stable
 
       - name: Build and push beta image
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
         if: github.event_name == 'workflow_dispatch' || (github.event_name == 'push' && github.ref == 'refs/heads/beta')
         with:
           context: "{{defaultContext}}:extra/docker/beta"
           push: true
           tags: pwntools/pwntools:beta
 
       - name: Build and push dev image
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
         if: github.event_name == 'workflow_dispatch' || (github.event_name == 'push' && github.ref == 'refs/heads/dev')
         with:
           context: "{{defaultContext}}:extra/docker/dev"
@@ -56,7 +56,7 @@ jobs:
             pwntools/pwntools:latest
 
       - name: Build and push ci image
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
         if: github.event_name == 'workflow_dispatch' || (github.event_name == 'push' && github.ref == 'refs/heads/dev')
         with:
           context: "{{defaultContext}}:travis/docker"

CHANGELOG.md

@@ -9,9 +9,11 @@ The table below shows which release corresponds to each branch, and what date th
 
 | Version          | Branch   | Release Date           |
 | ---------------- | -------- | ---------------------- |
-| [4.12.0](#4120)  | `dev`    |
-| [4.11.0](#4110)  | `beta`   |
-| [4.10.0](#4100)  | `stable` | May 21, 2023
+| [4.13.0](#4130-dev)  | `dev`    |
+| [4.12.0](#4120-beta)  | `beta`   |
+| [4.11.1](#4111-stable)  | `stable` | Nov 14, 2023
+| [4.11.0](#4110)  |          | Sep 15, 2023
+| [4.10.0](#4100)  |          | May 21, 2023
 | [4.9.0](#490)    |          | Dec 29, 2022
 | [4.8.0](#480)    |          | Apr 21, 2022
 | [4.7.1](#471)    |          | Apr 20, 2022
@@ -66,43 +68,68 @@ The table below shows which release corresponds to each branch, and what date th
 | [3.0.0](#300)    |          | Aug 20, 2016
 | [2.2.0](#220)    |          | Jan 5, 2015
 
-## 4.12.0 (`dev`)
+## 4.13.0 (`dev`)
+
+- [#2277][2277] elf: Resolve more relocations into GOT entries
+- [#2281][2281] FIX: Getting right amount of data for search fix
+- [#2293][2293] Add x86 CET status to checksec output
+- [#1763][1763] Allow to add to the existing environment in `process` instead of replacing it
+
+[2277]: https://github.com/Gallopsled/pwntools/pull/2277
+[2281]: https://github.com/Gallopsled/pwntools/pull/2281
+[2293]: https://github.com/Gallopsled/pwntools/pull/2293
+[1763]: https://github.com/Gallopsled/pwntools/pull/1763
+
+## 4.12.0 (`beta`)
+
 - [#2202][2202] Fix `remote` and `listen` in sagemath
 - [#2117][2117] Add -p (--prefix) and -s (--separator) arguments to `hex` command
+- [#2215][2215] Add pyinstaller hook to support bundling scripts using pwntools
 - [#2221][2221] Add shellcraft.sleep template wrapping SYS_nanosleep
 - [#2219][2219] Fix passing arguments on the stack in shellcraft syscall template
 - [#2212][2212] Add `--libc libc.so` argument to `pwn template` command
 - [#2257][2257] Allow creation of custom templates for `pwn template` command
-- [#2215][2215] Add pyinstaller hook to support bundling scripts using pwntools
+- [#2225][2225] Allow empty argv in ssh.process()
 
 [2202]: https://github.com/Gallopsled/pwntools/pull/2202
 [2117]: https://github.com/Gallopsled/pwntools/pull/2117
+[2215]: https://github.com/Gallopsled/pwntools/pull/2215
 [2221]: https://github.com/Gallopsled/pwntools/pull/2221
 [2219]: https://github.com/Gallopsled/pwntools/pull/2219
 [2212]: https://github.com/Gallopsled/pwntools/pull/2212
 [2257]: https://github.com/Gallopsled/pwntools/pull/2257
-[2215]: https://github.com/Gallopsled/pwntools/pull/2215
+[2225]: https://github.com/Gallopsled/pwntools/pull/2225
+
+## 4.11.1 (`stable`)
+
+- [#2271][2271] FIX: Generated shebang with path to python invalid if path contains spaces
+- [#2272][2272] Fix `tube.clean_and_log` not logging buffered data
+- [#2281][2281] FIX: Getting right amount of data for search fix
+- [#2287][2287] Fix `_countdown_handler` not invoking `timeout_change`
+- [#2294][2294] Fix atexit SEGV in aarch64 loader
 
-## 4.11.0 (`beta`)
+[2271]: https://github.com/Gallopsled/pwntools/pull/2271
+[2272]: https://github.com/Gallopsled/pwntools/pull/2272
+[2281]: https://github.com/Gallopsled/pwntools/pull/2281
+[2287]: https://github.com/Gallopsled/pwntools/pull/2287
+[2294]: https://github.com/Gallopsled/pwntools/pull/2294
+
+## 4.11.0
 
 - [#2185][2185] make fmtstr module able to create payload without $ notation 
 - [#2103][2103] Add search for libc binary by leaked function addresses `libcdb.search_by_symbol_offsets()`
 - [#2177][2177] Support for RISC-V 64-bit architecture
 - [#2186][2186] Enhance `ELF.nx` and `ELF.execstack`
 - [#2129][2129] Handle `context.newline` correctly when typing in `tube.interactive()`
+- [#2214][2214] Fix bug at ssh.py:`download` and `download_file` with relative paths
+- [#2241][2241] Fix ssh.process not setting ssh_process.cwd attribute
+- [#2261][2261] Fix corefile module after pyelftools update
 
 [2185]: https://github.com/Gallopsled/pwntools/pull/2185
 [2103]: https://github.com/Gallopsled/pwntools/pull/2103
 [2177]: https://github.com/Gallopsled/pwntools/pull/2177
 [2186]: https://github.com/Gallopsled/pwntools/pull/2186
 [2129]: https://github.com/Gallopsled/pwntools/pull/2129
-
-## 4.10.1 (`stable`)
-
-- [#2214][2214] Fix bug at ssh.py:`download` and `download_file` with relative paths
-- [#2241][2241] Fix ssh.process not setting ssh_process.cwd attribute
-- [#2261][2261] Fix corefile module after pyelftools update
-
 [2214]: https://github.com/Gallopsled/pwntools/pull/2214
 [2241]: https://github.com/Gallopsled/pwntools/pull/2241
 [2261]: https://github.com/Gallopsled/pwntools/pull/2261

MANIFEST.in

@@ -6,4 +6,4 @@ include *.md *.txt *.sh *.yml MANIFEST.in
 recursive-include docs   *.rst *.png Makefile *.py *.txt
 recursive-include pwnlib *.py *.asm *.rst *.md *.txt *.sh __doc__ *.mako
 recursive-include pwn    *.py *.asm *.rst *.md *.txt *.sh
-recursive-exclude *.pyc
+global-exclude *.pyc

examples/clean_and_log.py

@@ -11,18 +11,24 @@
 """
 
 from pwn import *
+from multiprocessing import Process
 
-os.system('''((
-echo prefix sometext ;
-echo prefix someothertext ;
-echo here comes the flag ;
-echo LostInTheInterTubes
-) | nc -l 1337) &
-''')
+def submit_data():
+    with context.quiet:
+        with listen(1337) as io:
+            io.wait_for_connection()
+            io.sendline(b'prefix sometext')
+            io.sendline(b'prefix someothertext')
+            io.sendline(b'here comes the flag')
+            io.sendline(b'LostInTheInterTubes')
 
-r = remote('localhost', 1337)
-atexit.register(r.clean_and_log)
+if __name__ == '__main__':
+    p = Process(target=submit_data)
+    p.start()
 
-while True:
-    line = r.recvline()
-    print(re.findall(r'^prefix (\S+)$', line)[0])
+    r = remote('localhost', 1337)
+    atexit.register(r.clean_and_log)
+
+    while True:
+        line = r.recvline()
+        print(re.findall(br'^prefix (\S+)$', line)[0])

extra/docker/beta/Dockerfile

@@ -2,6 +2,6 @@ FROM pwntools/pwntools:stable
 
 USER root
 RUN python2.7 -m pip install --upgrade git+https://github.com/Gallopsled/pwntools@beta \
-    && python3 -m pip install --upgrade git+https://github.com/Gallopsled/pwntools@beta
+    && python3 -m pip install --force-reinstall --upgrade git+https://github.com/Gallopsled/pwntools@beta
 RUN PWNLIB_NOTERM=1 pwn update
 USER pwntools

extra/docker/dev/Dockerfile

@@ -2,6 +2,6 @@ FROM pwntools/pwntools:stable
 
 USER root
 RUN python2.7 -m pip install --upgrade git+https://github.com/Gallopsled/pwntools@dev \
-    && python3 -m pip install --upgrade git+https://github.com/Gallopsled/pwntools@dev
+    && python3 -m pip install --force-reinstall --upgrade git+https://github.com/Gallopsled/pwntools@dev
 RUN PWNLIB_NOTERM=1 pwn update
 USER pwntools

extra/docker/stable/Dockerfile

@@ -2,6 +2,6 @@ FROM pwntools/pwntools:base
 
 USER root
 RUN python2.7 -m pip install --upgrade git+https://github.com/Gallopsled/pwntools@stable \
-    && python3 -m pip install --upgrade git+https://github.com/Gallopsled/pwntools@stable
+    && python3 -m pip install --force-reinstall --upgrade git+https://github.com/Gallopsled/pwntools@stable
 RUN PWNLIB_NOTERM=1 pwn update
 USER pwntools

pwnlib/commandline/__init__.py

@@ -1,4 +1,3 @@
-#!/usr/bin/env python2
 __all__ = [
     'asm',
     'checksec',

pwnlib/commandline/asm.py

@@ -1,4 +1,3 @@
-#!/usr/bin/env python2
 from __future__ import absolute_import
 from __future__ import division
 

pwnlib/commandline/checksec.py

@@ -1,4 +1,3 @@
-#!/usr/bin/env python2
 from __future__ import absolute_import
 from __future__ import division
 

pwnlib/commandline/constgrep.py

@@ -1,4 +1,3 @@
-#!/usr/bin/env python2
 from __future__ import absolute_import
 from __future__ import division
 

pwnlib/commandline/cyclic.py

@@ -1,4 +1,3 @@
-#!/usr/bin/env python2
 from __future__ import absolute_import
 from __future__ import division
 

pwnlib/commandline/debug.py

@@ -1,4 +1,3 @@
-#!/usr/bin/env python2
 from __future__ import absolute_import
 from __future__ import division
 

pwnlib/commandline/disablenx.py

@@ -1,4 +1,3 @@
-#!/usr/bin/env python2
 from __future__ import absolute_import
 from __future__ import division
 

pwnlib/commandline/disasm.py

@@ -1,4 +1,3 @@
-#!/usr/bin/env python2
 from __future__ import absolute_import
 from __future__ import division
 from __future__ import print_function

pwnlib/commandline/elfdiff.py

@@ -1,4 +1,3 @@
-#!/usr/bin/env python2
 from __future__ import absolute_import
 from __future__ import division
 

pwnlib/commandline/elfpatch.py

@@ -1,4 +1,3 @@
-#!/usr/bin/env python2
 from __future__ import absolute_import
 from __future__ import division
 

pwnlib/commandline/hex.py

@@ -1,4 +1,3 @@
-#!/usr/bin/env python2
 from __future__ import absolute_import
 from __future__ import division
 

pwnlib/commandline/libcdb.py

@@ -221,7 +221,7 @@ def main(args):
             exe = ELF(file, checksec=False)
             log.info('%s', text.red(os.path.basename(file)))
 
-            libc_version = re.search(b'libc[ -](\d+\.\d+)', exe.data)
+            libc_version = re.search(br'libc[ -](\d+\.\d+)', exe.data)
             if libc_version:
                 log.indented('%-20s %s', text.green('Version:'), libc_version.group(1).decode())
 

pwnlib/commandline/phd.py

@@ -1,4 +1,3 @@
-#!/usr/bin/env python2
 from __future__ import absolute_import
 from __future__ import division
 

pwnlib/commandline/shellcraft.py

@@ -1,4 +1,3 @@
-#!/usr/bin/env python2
 from __future__ import absolute_import
 from __future__ import division
 

pwnlib/commandline/template.py

@@ -1,4 +1,3 @@
-#!/usr/bin/env python2
 from __future__ import absolute_import
 from __future__ import division
 

pwnlib/commandline/unhex.py

@@ -1,4 +1,3 @@
-#!/usr/bin/env python2
 from __future__ import absolute_import
 from __future__ import division