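pwntools is a CTF framework and exploit-development library, written in Python and designed by rapid, intended to let users write exploits simply and quickly.
Most of the macOS installation tutorials online are based on installing with pip, which did not work; the official GitHub has no installation guide for this either, and the documentation has offered no new solution since 2016. In 2017, Apple Store provided package support for pwntools on Homebrew and gave the following solution.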
- Press Command+Space and type Terminal and press enter/return key.
- Run in Terminal app:
  ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" < /dev/null 2> /dev/null
  and press enter/return key. If the screen prompts you to enter a password, please enter your Mac's user password to continue. When you type the password, it won't be displayed on screen, but the system would accept it. So just type your password and press ENTER/RETURN key. Then wait for the command to finish.
- Run:
  brew install pwntools

Done! You can now use pwntools.
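I tried installing with the solution above, without success; the cause may have been that my Mac OS version was too old. I also tried installing with Python's pip and with brew, and both failed; compiling the source code myself failed as well. Finally I did some research and found that Capstone was missing; I found the final solution on Stack Overflow.
Capstone is a lightweight, multi-platform, multi-architecture disassembly framework. It supports platforms including ARM, ARM64, MIPS and x86/x64.
The final solution is as follows: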
capstone==3.0.5 still tries to build for both i386 and x86_64, this is already fixed on master and will be released with the next version. Looking at the Makefile, there are two possibilities:
- Turn off MACOS_UNIVERSAL:
  $ MACOS_UNIVERSAL=no pip install capstone
- Install the development version from current master branch, with LIBARCHS already adapted for Mojave:
  $ pip install "git+https://github.com/aquynh/capstone.git#egg=capstone&subdirectory=bindings/python"

Make sure you use quotes in the last command or escape the ampersand (&), otherwise bash will cut the command and run in background instead.

Once capstone is installed, you will have to deal with unicorn in the same manner and finally should be able to install pwntools. I didn't test it anymore, but the one-liner for the installation will be
$ MACOS_UNIVERSAL=no pip install pwntools
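
To see which of the three installs above is still missing, and whether capstone's native library actually loads after the build, a check like the following can be run. This is an added example, not part of the original post or the quoted answer. The function names are hypothetical, and the unicorn command is an assumption based on the answer's "in the same manner" wording.

```python
import importlib.util

# Install order from the answer above. The capstone and pwntools commands are
# quoted from the page; the unicorn command is an assumption based on its
# "in the same manner" wording.
STEPS = [
    ("capstone", "MACOS_UNIVERSAL=no pip install capstone"),
    ("unicorn", "MACOS_UNIVERSAL=no pip install unicorn"),
    ("pwn", "MACOS_UNIVERSAL=no pip install pwntools"),  # pwntools imports as "pwn"
]


def is_installed(module, finder=importlib.util.find_spec):
    """True if the module can be located; does not import it."""
    try:
        return finder(module) is not None
    except (ImportError, ValueError):
        return False


def next_step(finder=importlib.util.find_spec):
    """Return (module, command) for the first missing package, or None."""
    for module, command in STEPS:
        if not is_installed(module, finder):
            return module, command
    return None


def smoke_test():
    """Load capstone's native library by disassembling a single x86-64 'ret'.

    find_spec only locates the Python package; a failed native build shows up
    here as an ImportError when the shared library cannot be loaded.
    """
    import capstone
    md = capstone.Cs(capstone.CS_ARCH_X86, capstone.CS_MODE_64)
    return [insn.mnemonic for insn in md.disasm(b"\xc3", 0x1000)]


if __name__ == "__main__":
    missing = next_step()
    if missing:
        print("missing %s, run: %s" % missing)
    else:
        print("capstone disassembles:", smoke_test())
```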
References
- Installing pwntools on macOS
- Capstone_Makefile
- Apple_Store_pwntools