{"id":17230656,"url":"https://github.com/arthaud/formatstring","last_synced_at":"2025-04-14T02:31:50.254Z","repository":{"id":57431928,"uuid":"45345000","full_name":"arthaud/formatstring","owner":"arthaud","description":"Format string exploitation helper","archived":false,"fork":false,"pushed_at":"2015-11-16T10:58:55.000Z","size":439,"stargazers_count":45,"open_issues_count":0,"forks_count":3,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-04-11T08:17:12.190Z","etag":null,"topics":["exploitation","formatstring","python","security"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/arthaud.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-11-01T15:07:39.000Z","updated_at":"2024-10-27T00:17:47.000Z","dependencies_parsed_at":"2022-09-02T11:01:40.386Z","dependency_job_id":null,"html_url":"https://github.com/arthaud/formatstring","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/arthaud%2Fformatstring","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/arthaud%2Fformatstring/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/arthaud%2Fformatstring/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/arthaud%2Fformatstring/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/arthaud","download_url":"https://codeload.github.com/arthaud/formatstring/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248810883,"owners_count":21165195,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["exploitation","formatstring","python","security"],"created_at":"2024-10-15T04:53:38.943Z","updated_at":"2025-04-14T02:31:45.242Z","avatar_url":"https://github.com/arthaud.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Formatstring\n\nFormatstring is a **python 3** library to help the exploitation of **format string vulnerabilities**.\n\n## Install\n\n**formatstring** can be installed from PyPI (Python package index) using pip:\n```bash\npip install formatstring\n```\n\n## Examples\n\n* Generate a pattern to detect the offset of the printed buffer\n```bash\n$ fmtstr_pattern_create 255\nABCDEFGH|%1$p|%2$p|%3$p|%4$p|%5$p|%6$p|%7$p|%8$p|%9$p|%10$p\n```\n\n* Compute the offset, given the result of the format string on the previous pattern\n```bash\n$ fmtstr_pattern_offset --arch x86_32\nEnter the result of the format string on a pattern given by pattern_create:\nABCDEFGH|0x400|0xf776e5a0|0x4|0x4|0x7|0x1b3220|0x43424120|0x47464544|0x31257c48|0x257c7024\nFound buffer at offset 8\n```\n\n* Generate a payload to read at a given address\n```python\nimport sys\nfrom formatstring import *\n\nsettings = PayloadSettings(offset=8, arch=x86_32)\n\np = ReadPayload(0x8048590)\nsys.stdout.buffer.write(p.generate(settings))\n```\n\n* Generate a payload to write at various addresses\n```python\nimport sys\nfrom formatstring import *\n\nsettings = PayloadSettings(offset=8, arch=x86_32)\n\np = WritePayload()\np[0x8049790] = b'/bin/sh\\x00'\np[0x80497a8] = struct.pack('@I', 0x01020304)\nsys.stdout.buffer.write(p.generate(settings))\n```\n\n## Doc\n\nThe full documentation is [available here](https://github.com/arthaud/formatstring/wiki/User's-guide).\n\n## Contributors\n\nAuthor: Maxime Arthaud (maxime@arthaud.me)\n\n## License\n\nformatstring is under The MIT License (MIT)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Farthaud%2Fformatstring","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Farthaud%2Fformatstring","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Farthaud%2Fformatstring/lists"}