PWN Environment Setup

npx machina-cli add skill allsmog/pwn-claude-plugin/environment-setup --openclaw

Overview

This skill provides methodology for setting up a complete binary exploitation environment, including tool detection, automatic installation of missing dependencies, and workspace organization for exploit development.

Required Tools

Core Tools (Must Have)

| Tool | Purpose | Installation |
|------|---------|--------------|
| pwntools | Exploit development framework | pip install pwntools |
| gdb | Debugger | System package manager |
| pwndbg | GDB enhancement | git clone https://github.com/pwndbg/pwndbg |
| checksec | Binary protection checker | Via pwntools or apt install checksec |

Recommended Tools

| Tool | Purpose | Installation |
|------|---------|--------------|
| ROPgadget | ROP gadget finder | pip install ROPgadget |
| ropper | Alternative gadget finder | pip install ropper |
| one_gadget | Libc one-shot gadgets | gem install one_gadget |
| seccomp-tools | Seccomp filter analyzer | gem install seccomp-tools |
| radare2 | Disassembler/debugger | System package manager |

Environment Verification Process

Step 1: Check Python Environment

Verify Python 3.8+ is available:

python3 --version

Check if pwntools is installed and functional:

python3 -c "from pwn import *; print(f'pwntools {pwnlib.version.__version__}')"

Step 2: Check GDB and Extensions

Verify GDB is installed:

gdb --version

Check for pwndbg by looking for its initialization:

gdb -q -ex "show configuration" -ex "quit" 2>&1 | grep -i pwndbg || echo "pwndbg not detected"

Step 3: Check Binary Analysis Tools

Run the tool verification script at ${CLAUDE_PLUGIN_ROOT}/skills/environment-setup/scripts/check-tools.sh to verify all tools.

Step 4: Auto-Install Missing Python Packages

For missing Python packages, install via pip:

pip install pwntools ROPgadget ropper

For Ruby gems (one_gadget, seccomp-tools):

gem install one_gadget seccomp-tools
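
A read-only check covering Steps 1 to 4, as an added example (not the plugin's own check-tools.sh): it reports which of the tools listed above are missing and compares the Python version numerically, since a string comparison would rank 3.10 below 3.8. The function names and the executable names assumed for each tool are illustrative; the pwndbg check from Step 2 is not repeated here.

```shell
#!/bin/sh
# Added example: report missing tools from the tables above. Nothing is installed.
# Executable names below are assumptions about how each tool appears on PATH.
CORE_TOOLS="gdb checksec"
RECOMMENDED_TOOLS="ROPgadget ropper one_gadget seccomp-tools radare2"

# Print, space-separated, each name in "$@" that is not an executable on PATH.
find_missing() {
    missing=""
    for tool in "$@"; do
        command -v "$tool" >/dev/null 2>&1 || missing="${missing:+$missing }$tool"
    done
    printf '%s\n' "$missing"
}

# Succeed if version $1 (e.g. 3.11.0) is at least major.minor $2 (e.g. 3.8).
# Fields are compared as integers so that 3.10 counts as newer than 3.8.
version_at_least() {
    have_major=${1%%.*}; rest=${1#*.}; have_minor=${rest%%.*}
    want_major=${2%%.*}; want_minor=${2#*.}
    [ "$have_major" -gt "$want_major" ] ||
        { [ "$have_major" -eq "$want_major" ] && [ "$have_minor" -ge "$want_minor" ]; }
}

# Print findings in the style of the report format used on this page.
# Returns non-zero if Python, pwntools or a core tool is missing.
pwn_env_report() {
    rc=0
    echo "### Findings"
    pyver=$(python3 -c 'import platform; print(platform.python_version())' 2>/dev/null)
    if [ -n "$pyver" ] && version_at_least "$pyver" 3.8; then
        echo "- Python: $pyver"
    else
        echo "- Python: ${pyver:-not found} (3.8+ required)"; rc=1
    fi
    pwnver=$(python3 -c 'from pwn import *; print(pwnlib.version.__version__)' 2>/dev/null) || rc=1
    echo "- pwntools: ${pwnver:-not installed}"
    missing_core=$(find_missing $CORE_TOOLS)
    [ -z "$missing_core" ] || rc=1
    echo "- Missing core tools: ${missing_core:-none}"
    missing_rec=$(find_missing $RECOMMENDED_TOOLS)
    echo "- Missing recommended tools: ${missing_rec:-none}"
    return "$rc"
}

pwn_env_report || echo "core requirements not met" >&2
```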

Workspace Structure

Create a standard workspace for exploit development:

challenge-name/
├── exploit.py          # Main exploit script
├── solve.py            # Alternative/cleaned exploit
├── notes.md            # Analysis notes
├── core/               # Core dumps
├── libc/               # Libc files if provided
└── .gdbinit            # Project-specific GDB config

To create this structure:

mkdir -p challenge-name/{core,libc}
touch challenge-name/{exploit.py,notes.md,.gdbinit}

GDB Configuration for pwndbg

Create a project-specific .gdbinit:

# Load pwndbg if not auto-loaded
# source ~/pwndbg/gdbinit.py

# Disable ASLR for local testing
set disable-randomization on

# Follow child on fork (useful for some challenges)
set follow-fork-mode child

# Common breakpoints
# b main
# b *vuln_function

# Display useful info on stop
define hook-stop
    info registers
end
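
GDB declines to auto-load a .gdbinit from the working directory unless that file is on its auto-load safe-path. The sketch below is an added example (not the plugin's setup-workspace.sh; the function names are hypothetical): it creates the workspace without overwriting existing files and prints the line to add to ~/.gdbinit so that only this workspace is trusted. Setting the safe-path to / instead would let GDB run any .gdbinit shipped inside a downloaded challenge archive.

```shell
#!/bin/sh
# Added example: create the workspace layout shown above and print the GDB
# setting needed before the project-specific .gdbinit is honoured.

# Create the layout under directory $1. Existing files are left untouched,
# so re-running this never wipes an exploit or notes already in progress.
setup_workspace() {
    ws=$1
    mkdir -p "$ws/core" "$ws/libc" || return 1
    for f in exploit.py solve.py notes.md; do
        [ -e "$ws/$f" ] || : > "$ws/$f"
    done
    if [ ! -e "$ws/.gdbinit" ]; then
        cat > "$ws/.gdbinit" <<'EOF'
# Disable ASLR for local testing
set disable-randomization on
# Follow child on fork (useful for some challenges)
set follow-fork-mode child
EOF
    fi
}

# Print the line that makes GDB trust this one workspace's .gdbinit.
# The path is resolved to an absolute, symlink-free form first.
safe_path_line() {
    abs=$(cd "$1" && pwd -P) || return 1
    printf 'add-auto-load-safe-path %s/.gdbinit\n' "$abs"
}

# Demo in a throwaway directory (constructed path).
demo=$(mktemp -d)/challenge-name
setup_workspace "$demo" && safe_path_line "$demo"
```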

Pwntools Context Setup

Initialize pwntools with correct context for the target:

from pwn import *

# Auto-detect from binary
elf = ELF('./binary')
context.binary = elf

# Or manual specification
context.arch = 'amd64'  # or 'i386', 'arm', 'aarch64'
context.os = 'linux'
context.log_level = 'debug'  # 'info', 'warning', 'error'

# For shellcode
context.endian = 'little'

Common Issues and Solutions

Issue: pwntools not finding GDB

Ensure GDB is in PATH, and tell pwntools which terminal to open the debugger in:

context.terminal = ['tmux', 'splitw', '-h']  # or ['gnome-terminal', '--']

Issue: Permission denied on binary

Make the binary executable:

chmod +x ./binary

Issue: libc version mismatch

Use patchelf to set the correct interpreter and the libc search path:

patchelf --set-interpreter ./ld-linux.so.2 ./binary
patchelf --set-rpath . ./binary

Output Format

When reporting environment status:

## Environment Setup

### Findings
- Python: 3.11.0
- pwntools: 4.11.0
- GDB: 13.2 with pwndbg
- Missing tools: one_gadget, seccomp-tools

### Actions Taken
- Installed ROPgadget via pip
- Created workspace structure

### Remaining Setup
- Install Ruby gems: gem install one_gadget seccomp-tools
- Configure GDB terminal for pwntools

Additional Resources

Scripts

  • scripts/check-tools.sh - Verify all pwn tools are installed
  • scripts/setup-workspace.sh - Create standard workspace structure

References

  • references/tool-installation.md - Detailed installation guides for each tool
  • references/troubleshooting.md - Common setup issues and solutions

Source

https://github.com/allsmog/pwn-claude-plugin/blob/main/pwn-htb/skills/environment-setup/SKILL.md

Overview

This skill guides you to assemble a complete binary exploitation setup, detect missing tools, install them automatically, and organize an exploit development workspace. It covers core tools like pwntools, gdb, pwndbg, and checksec, plus recommended utilities. It also outlines verification steps to ensure tools are present and functioning.

How This Skill Works

The process detects installed versions of Python, pwntools, gdb, pwndbg, and related utilities, then installs missing dependencies via pip or gem and configures a standard workspace. It also provides a project-specific GDB init and pwntools context setup to streamline exploitation work.

When to Use It

  • Starting a new binary exploitation project that needs a clean, reproducible workspace.
  • Installing core tools (pwntools, gdb, pwndbg) or verifying their availability on a host.
  • Verifying that pwntools, checksec, and other utilities are correctly installed and functional.
  • Initializing a standard exploit project structure (exploit.py, notes.md, core/, libc/, .gdbinit).
  • Setting up pwndbg integration and pwntools context for a target binary.

Quick Start

  1. Check Python, pwntools, and GDB versions on your host.
  2. Install missing tools: python3 -m pip install pwntools ROPgadget ropper; gem install one_gadget seccomp-tools; ensure GDB and pwndbg are present.
  3. Create the standard workspace (challenge-name/ with exploit.py, notes.md, core/, libc/, .gdbinit) and configure pwntools context and a project-specific GDB init.

Best Practices

  • Check for Python 3.8+ and compatible tool versions before installing.
  • Detect missing tools before attempting installation to save time.
  • Use a consistent workspace layout to simplify collaboration and reuse.
  • Automate installs with pip, gem, and system package managers where possible.
  • Keep GDB configuration and pwntools context synchronized with project needs.

Example Use Cases

  • Setting up a fresh HTB/pwn challenge environment with a standard layout.
  • Creating a Docker image that installs pwntools, pwndbg, and checksec for reuse.
  • Running the environment verification script to confirm tool availability on a new VM.
  • Initializing exploit.py and notes.md in a challenge workspace for rapid development.
  • Troubleshooting pwntools not locating GDB by ensuring PATH and environment variables are correct.
