pwninit 1.0.0

automate starting binary exploit challenges
pwninit-1.0.0 is not a library.


A tool for automating starting binary exploit challenges


  • Set challenge binary to be executable
  • Download a linker (*) that can flawlessly LD_PRELOAD the provided libc
  • Download debug symbols and unstrip the libc
  • Fill in a template pwntools solve script


Short version

Run pwninit

Long version

Run pwninit in a directory with the relevant files and it will detect which ones are the binary, libc, and linker. If the detection is wrong, you can specify the locations with --bin, --libc, and --ld.


Arch Linux

Install pwninit from the AUR.

Using cargo

cargo install pwninit

The binary will be placed in ~/.cargo/bin.


$ ls
hunter  readme

$ pwninit
bin: ./hunter
libc: ./

fetching linker
unstripping libc
setting ./ executable
writing stub

$ ls
hunter  readme

#!/usr/bin/env python2

from pwn import *

exe = ELF("./hunter")
libc = ELF("./")
ld = ELF("./")

context.binary = exe

def conn():
    if args.LOCAL:
        return process([ld.path, exe.path], env={"LD_PRELOAD": libc.path})
        return remote("addr", 1337)

def main():
    r = conn()

    # good luck pwning :)


if __name__ == "__main__":