
PWN Virtual Machine Setup


Ugh. From now on I'm keeping at least two snapshot versions.

Installing the virtual machine

Pick the VM image and just start with VMware Easy Install.


Installing VM tools

(Answer y to every prompt; reboot after installation for it to take effect.)

sudo apt-get install open-vm-tools-desktop

If the VM has no network after resuming from suspend:

sudo service network-manager restart

Switching apt mirrors

vim /etc/apt/sources.list

deb http://mirrors.aliyun.com/ubuntu/ xenial main
deb-src http://mirrors.aliyun.com/ubuntu/ xenial main
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates main
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-updates main
deb http://mirrors.aliyun.com/ubuntu/ xenial universe
deb-src http://mirrors.aliyun.com/ubuntu/ xenial universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates universe
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-updates universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-security main
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-security main
deb http://mirrors.aliyun.com/ubuntu/ xenial-security universe
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-security universe

Changing the system language


Drag Chinese to the top of the list, then apply it system-wide.


Do the same for the other option, then reboot. After logging in, whether to rename the standard folders is up to you.

1592559816694-ba4dff42-dc13-4923-b237-281a1294146a.png

If the text renders in an ugly font such as Kai (楷体):

sudo apt-get remove fonts-arphic-ukai

sudo apt-get remove fonts-arphic-uming

Installing pip

sudo apt-get install python-pip

sudo apt-get install python3-pip

Switching the pip index

vim ~/.pip/pip.conf

[global]
index-url = https://pypi.tuna.tsinghua.edu.cn/simple

Installing pwntools

pip install pwntools

GDB plugins

git clone https://github.com/yichen115/GDB-Plugins

In the pwndbg folder, run git init first, then run ./setup.sh to install.

To use peda: echo "source ~/GDB-Plugins/peda/peda.py" > ~/.gdbinit

To use peda-heap: echo "source ~/GDB-Plugins/peda-heap/peda.py" > ~/.gdbinit (I find this one quite handy: it extends the heap functionality while keeping what peda offers.)

To use gef: echo "source ~/GDB-Plugins/gef/gef.py" > ~/.gdbinit

To use pwndbg: echo "source ~/GDB-Plugins/pwndbg/gdbinit.py" > ~/.gdbinit
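Each of the four echo lines above overwrites ~/.gdbinit with a single `>`, so only one plugin is active at a time and a typo in the path silently leaves GDB printing an error on every start. The following small switcher is an added example, not part of the original post or of the GDB-Plugins repo: it maps a plugin name to the script the post sources, refuses unknown names, checks that the script file exists before writing, and can report which plugin the current ~/.gdbinit selects. It assumes the repo was cloned to ~/GDB-Plugins (overridable via PLUGIN_ROOT) and that ~/.gdbinit is the file GDB reads (overridable via GDBINIT for testing).

```shell
#!/bin/sh
# Added example (not from the original post): switch between the GDB plugins
# from the GDB-Plugins repo by rewriting ~/.gdbinit as a whole.
# Assumptions: repo cloned to $PLUGIN_ROOT (default ~/GDB-Plugins);
# GDB reads $GDBINIT (default ~/.gdbinit).
PLUGIN_ROOT="${PLUGIN_ROOT:-$HOME/GDB-Plugins}"
GDBINIT="${GDBINIT:-$HOME/.gdbinit}"

# Map a plugin name to the script the post sources for it; fail on unknown names.
gdb_plugin_script() {
    case "$1" in
        peda)      echo "$PLUGIN_ROOT/peda/peda.py" ;;
        peda-heap) echo "$PLUGIN_ROOT/peda-heap/peda.py" ;;
        gef)       echo "$PLUGIN_ROOT/gef/gef.py" ;;
        pwndbg)    echo "$PLUGIN_ROOT/pwndbg/gdbinit.py" ;;
        *)         return 1 ;;
    esac
}

# Overwrite $GDBINIT so that exactly one plugin is loaded (the post uses `>`,
# not `>>`, for the same reason). Refuses unknown names and missing script files,
# because a dangling `source` line makes gdb complain at every start.
use_gdb_plugin() {
    script=$(gdb_plugin_script "$1") || { echo "unknown plugin: $1" >&2; return 1; }
    [ -f "$script" ] || { echo "not found: $script (clone GDB-Plugins first?)" >&2; return 1; }
    printf 'source %s\n' "$script" > "$GDBINIT"
    echo "now using $1 ($GDBINIT)"
}

# Print which of the four plugins the current $GDBINIT selects, or "none".
current_gdb_plugin() {
    [ -f "$GDBINIT" ] || { echo none; return 0; }
    for name in peda peda-heap gef pwndbg; do
        if grep -qxF "source $(gdb_plugin_script "$name")" "$GDBINIT"; then
            echo "$name"
            return 0
        fi
    done
    echo none
}

# Usage: `. ./gdb-plugin.sh; use_gdb_plugin gef` then `current_gdb_plugin`.
```

Source the file into your shell rather than executing it, so the functions stay available; `current_gdb_plugin` is a quick way to confirm which plugin will load before starting gdb.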

Installing one_gadget

sudo apt-get install ruby -y
sudo apt-get install gem -y
sudo gem install one_gadget

Installing 32-bit libraries

sudo apt-get install lib32ncurses5
sudo apt-get install lib32z1

Installing LibcSearcher

git clone https://github.com/lieanu/LibcSearcher.git
cd LibcSearcher
python setup.py develop

main_arena_offset

Used to compute the offset of main_arena.

git clone https://github.com/bash-c/main_arena_offset

Installing seccomp-tools

Used to read seccomp sandbox rules.

sudo apt install gcc ruby-dev
gem install seccomp-tools

If it complains that the Ruby version is wrong:

sudo add-apt-repository ppa:brightbox/ruby-ng
sudo apt-get update
sudo apt-get purge --auto-remove ruby
sudo apt-get install ruby2.6 ruby2.6-dev
gem install seccomp-tools


Source: https://www.yuque.com/hxfqg9/bin/hg3qeh