Release 4.15.0beta0

What's Changed

• Deprecate 'keepends' argument in favor of 'drop' by @MrQubo in #2476
• Deprecate direct commandline scripts invocation and exclude nonsense ones by @tkmikan in #2364
• Cache output of asm() by @peace-maker in #2358
• Add tube.upload_manually to upload files in chunks by @peace-maker in #2410
• libcdb-cli: add --offline-only, refactor unstrip and add fetch parser for download libc-database by @the-soloist in #2478
• libcdb: improve the search speed of search_by_symbol_offsets by @the-soloist in #2413
• Allow to disable caching by @peace-maker in #2484
• darwin: Bump syscalls from sdk 15.1 by @patryk4815 in #2448
• Nicely handle non ELF files in checksec commandline tool by @tesuji in #2457
• Add ELF.close() to release resources by @peace-maker in #2444
• Properly close spawned kitty window by @k4lizen in #2471
• Redirect kitty kill command stderr to /dev/null by @k4lizen in #2472
• Extract libraries from Docker image in pwn template by @lcian in #2479
• Fix waiting for gdb under WSL2 by @peace-maker in #2470
• Stop using cmd.exe to keep current directory in WSL2 by @robbert1978 in #2488
• Only print checksec output of ELF.libc when it was printed for the ELF already by @peace-maker in #2483
• Throw error when using sni and setting server_hostname manually in remote by @peace-maker in #2482
• Fix attaching to a gdbserver with tuple gdb.attach(('0.0.0.0',12345)) by @ckxckx in #2291
• Fix loading ELF files without valid .dynamic section by @peace-maker in #2502
• ssh tube: replaced nonexistent key with str(e) in error handling method to get proper error message displayed in stacktrace by @findus in #2512
• Ignore a warning with unused args in asm on NIX by @sbancuz in #2508
• Update documentation for format strings by @Legoclones in #2501
• Update sphinx for Python 3.13 support by @peace-maker in #2503
• Cache HTTP requests to external libcdb services in CI by @peace-maker in #2487
• CI: Install pwntools on Windows and import it once by @peace-maker in #2450
• Fix collecting coverage in CI by @peace-maker in #2477

New Contributors

• @tesuji made their first contribution in #2457
• @lcian made their first contribution in #2479
• @robbert1978 made their first contribution in #2488
• @ckxckx made their first contribution in #2291
• @Legoclones made their first contribution in #2501
• @findus made their first contribution in #2512
• @sbancuz made their first contribution in #2508

Full Changelog: 4.14.0beta1...4.15.0beta0

Release 4.14.0

What's Changed

• Return buffered data on first EOF in tube.readline() by @peace-maker in #2376
• Add basic RISCV64 shellcraft support by @peace-maker and @LevitatingLion in #2322
• feat: Concatenate multiple shellcraft templates on commandline using shellcraft A + B by @cocoa-xu in #2398
• Add local libc database provider for libcdb by @the-soloist in #2356
• libcdb: Add offline parameter for search_by_hash series function by @the-soloist in #2360
• libcdb: add offline_only to search_by_symbol_offsets by @the-soloist in #2388
• libcdb.unstrip_libc: debug symbols are fetched only if not present already by @sswastik02 in #2374
• Add basic support to debug processes on Windows by @peace-maker in #2327
• Support asm/disasm on Windows by @peace-maker in #2437
• Change newline when setting context.os to "windows" by @peace-maker in #2330
• Add TTY escape function for file transfer by @Arusekk in #2422
• Shellcode socket IPV6 by @Dvorhack in #2415
• Add "none" ssh authentication method by @peace-maker in #2405
• Add port, gdb_args, and gdbserver_args to gdb.debug() by @gfelber in #2382
• gdb.debug: avoid 2s timeout if possible by @mephi42 in #2435
• Add functions for retrieving process mappings by @k4lizen in #2371
• fix fromsocket to deal with ipv6 socket by @leommxj in #2497
• Fix passing bytes to context.log_file and crc.BitPolynom by @marinelay in #2389
• Change from pop to keys for reporting proper error message by @marinelay in #2391
• Fix duplicate definition of ssh.sftp by @peace-maker in #2394
• Fix access of undefined ssh._tried_sftp in raw mode by @peace-maker in #2396
• Convert bytes-like object to string in apport_corefile() method by @sanjitkumar2016 in #2387
• Add resolution_addr parameter to Ret2dlresolvePayload by @k4lizen in #2436
• Docs: Add sudo for apt-get by @qux-bbb in #2395
• Updated Mac OS Install Documentation by @lewiswatson55 in #2392
• Improve remote() documentation by @MrQubo in #2427
• feat: use --no-cache-dir flag to pip in dockerfiles to save space by @Rajpratik71 in #2357
• Test Python version >= 3.10 in CI and fix tests on Python 3.12 by @peace-maker in #2486

New Contributors

• @Rajpratik71 made their first contribution in #2357
• @sswastik02 made their first contribution in #2374
• @lewiswatson55 made their first contribution in #2392
• @marinelay made their first contribution in #2389
• @qux-bbb made their first contribution in #2395
• @sanjitkumar2016 made their first contribution in #2387
• @Dvorhack made their first contribution in #2415
• @cocoa-xu made their first contribution in #2398
• @gfelber made their first contribution in #2382

Full Changelog: 4.13.1...4.14.0

Release 4.14.0beta1

What's Changed

• Fix parsing the PLT on Windows by @peace-maker in #2445
• Fix PLT emulation with Unicorn 2.1.0 by @peace-maker in #2466
• Backport: Fix typo for fallback to default number of console colors on windows by @peace-maker in #2467
• Fix: GDB 15.1 rpyc detection by @SecT0uch in #2469
• gdb: fix pid attach by @Arusekk in #2474

New Contributors

• @SecT0uch made their first contribution in #2469

Full Changelog: 4.14.0beta0...4.14.0beta1

Release 4.13.1

What's Changed

• Fix parsing the PLT on Windows by @peace-maker in #2445
• Fix PLT emulation with Unicorn 2.1.0 by @peace-maker in #2466
• Backport: Fix typo for fallback to default number of console colors on windows by @peace-maker in #2467
• Fix: GDB 15.1 rpyc detection by @SecT0uch in #2469
• gdb: fix pid attach by @Arusekk in #2474

New Contributors

• @SecT0uch made their first contribution in #2469

Full Changelog: 4.13.0...4.13.1

Release 4.14.0beta0

What's Changed

• Add local libc database provider for libcdb by @the-soloist in #2356
• libcdb: Add offline_only parameter for search_by_hash series function by @the-soloist in #2360
• libcdb: Add offline_only to search_by_symbol_offsets by @the-soloist in #2388
• libcdb.unstrip_libc: debug symbols are fetched only if not present by @sswastik02 in #2374
• Add basic support to debug processes on Windows by @peace-maker in #2327
• Support asm/disasm on Windows by @peace-maker in #2437
• Change newline when setting context.os to "windows" by @peace-maker in #2330
• Add basic RISCV64 shellcraft support by @peace-maker and @LevitatingLion in #2322
• Return buffered data on first EOF in tube.readline() by @peace-maker in #2376
• Add functions for retrieving process mappings by @k4lizen in #2371
• Add TTY escape function for file transfer by @Arusekk in #2422
• Add support for generating multiple shellcodes at a time in shellcraft by @cocoa-xu in #2398
• Shellcode socket IPV6 by @Dvorhack in #2415
• Add "none" ssh authentication method by @peace-maker in #2405
• Improve remote() documentation by @MrQubo in #2427
• Add port, gdb_args, and gdbserver_args to gdb.debug() by @gfelber in #2382
• gdb.debug: avoid 2s timeout if possible by @mephi42 in #2435
• Add resolution_addr parameter to Ret2dlresolvePayload by @k4lizen in #2436
• feat : use --no-cache-dir flag to pip in dockerfiles to save space by @Rajpratik71 in #2357
• Fix access of undefined ssh._tried_sftp in raw mode by @peace-maker in #2396
• Fix duplicate definition of ssh.sftp by @peace-maker in #2394
• Fix passing bytes to context.log_file and crc.BitPolynom by @marinelay in #2389
• Change from pop to keys for reporting proper error message by @marinelay in #2391
• Convert bytes-like object to string in apport_corefile() method by @sanjitkumar2016 in #2387
• Updated Mac OS Install Documentation by @lewiswatson55 in #2392

New Contributors

• @the-soloist made their first contribution in #2356
• @Rajpratik71 made their first contribution in #2357
• @sswastik02 made their first contribution in #2374
• @lewiswatson55 made their first contribution in #2392
• @marinelay made their first contribution in #2389
• @qux-bbb made their first contribution in #2395
• @sanjitkumar2016 made their first contribution in #2387
• @Dvorhack made their first contribution in #2415
• @cocoa-xu made their first contribution in #2398
• @gfelber made their first contribution in #2382
• @k4lizen made their first contribution in #2371

Full Changelog: 4.13.0...4.14.0beta0

Release 4.13.0

What's Changed

• Term module revamp: activating special handling of terminal only when necessary by @Arusekk in #2242
• Add support to start a process on Windows by @peace-maker in #2310
• Add x86 CET status to checksec output by @peace-maker in #2293
• Detect challenge binary and libc in pwn template by @peace-maker in #2309
• Fix getting right amount of data for ELF.search by @gordiig in #2281
• elf: Resolve more relocations into GOT entries by @Arusekk in #2277
• rop: Make stack move faster by @Arusekk in #2300
• Basic darwin support for shellcrafter by @patryk4815 in #2161
• Allow to add to the existing environment in process instead of replacing it by @heapcrash in #1763
• Allow to add to the existing environment in ssh instead of replacing it by @heapcrash in #1764
• Nicer error when running tmux exploit outside tmux by @peace-maker in #2314
• Windows shellcode: Make sure winexec is 16 byte aligned and add nCmdShow option by @kizzx2 in #2308
• Make pwn template always set context.binary by @FlorianKothmeier in #2279
• add timeout to gdbserver by @Ordoviz in #2321
• Lookup using $PATHEXT file extensions in which on Windows by @peace-maker in #2328
• Explicitly define p64/u64 functions for IDE support by @peace-maker in #2189
• fix: follow symlink for libs on ssh connection by @teddav in #2338
• Fix: Allow setting attributes on gdb Breakpoints by @Nils1729 in #2339
• Make sure TERM_PROGRAM points to a valid program in run_in_new_terminal by @peace-maker in #2329
• fix: split current iterm window during gdb.debug process by @teddav in #2341
• Retry failed lookups after one week in libcdb by @peace-maker in #2323
• Match against local system libc first in libcdb by @peace-maker in #2325
• Add ELF.stripped and ELF.debuginfo properties by @peace-maker in #2336
• Improved DynELF address resolutions and symbol lookups by @Bl4ck-C4t in #2335
• Add a flatten argument to ssh.libs by @ValekoZ in #2268
• Fix Unicorn Engine 1GB limit that calls exit: raise OSError instead (Fixes #2343) by @disconnect3d in #2347
• Bugfix gdb.debug: exe parameter now respected by @goreil in #2233
• Fix pwn constgrep when it matches a non-constant type (Fixes #2344) by @disconnect3d in #2345
• Fix pwn libcdb file crashing if "/bin/sh" string was not found by @xambroz in #2307
• Fix unhex for odd length bytes by @snarkyyy in #2333
• Fix displaying bright color variation in terminal output by @peace-maker in #2373
• Fix support for amd64 x32 ABI by @peace-maker in #2305
• Speed up disasm with color by @snarkyyy in #2334
• Don't go through a shell in gdb.debug by @peace-maker in #2378
• elf/corefile: Clean up pyelftools workarounds by @Arusekk in #2319
• checksec.py: import ELF instead of * by @disconnect3d in #2346
• libcdb.py - python 3.12 by @xambroz in #2302
• remove python2 shebangs by @xambroz in #2301
• Bump unicorn dependency to >=2.0.1 by @peace-maker in #2315

New Contributors

• @gordiig made their first contribution in #2281
• @xambroz made their first contribution in #2302
• @kizzx2 made their first contribution in #2308
• @FlorianKothmeier made their first contribution in #2279
• @Ordoviz made their first contribution in #2321
• @snarkyyy made their first contribution in #2333
• @teddav made their first contribution in #2338
• @Nils1729 made their first contribution in #2339
• @patryk4815 made their first contribution in #2161
• @Bl4ck-C4t made their first contribution in #2335
• @ValekoZ made their first contribution in #2268

Full Changelog: 4.12.0...4.13.0

Release 4.13.0beta0

What's Changed

• Term module revamp: activating special handling of terminal only when necessary by @Arusekk in #2242
• Detect challenge binary and libc in pwn template by @peace-maker in #2309
• Add support to start a process on Windows by @peace-maker in #2310
• Add basic darwin support for shellcrafter by @patryk4815 in #2161
• Explicitly define p64/u64 functions for IDE support by @peace-maker in #2189
• Add ELF.stripped and ELF.debuginfo properties by @peace-maker in #2336
• Fix: Allow setting attributes on gdb Breakpoints by @Nils1729 in #2339
• Fix gdb.debug: exe parameter now respected, allow empty argv by @goreil in #2233
• Fix getting right amount of data for ELF.search by @gordiig in #2281
• Add x86 CET status to checksec output by @peace-maker in #2293
• elf: Resolve more relocations into GOT entries by @Arusekk in #2277
• rop: Make stack move faster by @Arusekk in #2300
• Fix Python 3.12 warning in pwn libcdb by @xambroz in #2302
• Remove unnecessary python2 shebangs by @xambroz in #2301
• Allow to add to the existing environment in process instead of replacing it by @heapcrash in #1763
• Allow to add to the existing environment in ssh instead of replacing it by @heapcrash in #1764
• Fix pwn libcdb file crashing if "/bin/sh" string was not found by @xambroz in #2307
• Fix support for amd64 x32 ABI by @peace-maker in #2305
• Nicer error when running tmux exploit outside tmux by @peace-maker in #2314
• Bump unicorn dependency to >=2.0.1 by @peace-maker in #2315
• Make sure winexec is 16 byte aligned and add nCmdShow option by @kizzx2 in #2308
• elf/corefile: Clean up pyelftools workarounds by @Arusekk in #2319
• Make pwn template always set context.binary by @FlorianKothmeier in #2279
• Add timeout to gdbserver by @Ordoviz in #2321
• Fix unhex for odd length bytes by @Vsyl in #2333
• Speed up pwn disasm with colored output by @Vsyl in #2334
• Lookup using $PATHEXT file extensions in which on Windows by @peace-maker in #2328
• fix: follow symlink for libs on ssh connection by @teddav in #2338
• Make sure TERM_PROGRAM points to a valid program in run_in_new_terminal by @peace-maker in #2329
• Retry failed lookups after one week in libcdb by @peace-maker in #2323
• Match against local system libc first in libcdb by @peace-maker in #2325
• checksec.py: import ELF instead of * by @disconnect3d in #2346
• Fix pwn constgrep when it matches a non-constant type (Fixes #2344) by @disconnect3d in #2345
• Launch GDB correctly in iTerm on Mac by @teddav in #2341
• Improved DynELF address resolutions and symbol lookups by @Bl4ck-C4t in #2335
• Add a flatten argument to ssh.libs by @ValekoZ in #2268
• Fix Unicorn Engine 1GB limit that calls exit: raise OSError instead (Fixes #2343) by @disconnect3d in #2347

New Contributors

• @gordiig made their first contribution in #2281
• @xambroz made their first contribution in #2302
• @kizzx2 made their first contribution in #2308
• @FlorianKothmeier made their first contribution in #2279
• @Ordoviz made their first contribution in #2321
• @Vsyl made their first contribution in #2333
• @teddav made their first contribution in #2338
• @Nils1729 made their first contribution in #2339
• @patryk4815 made their first contribution in #2161
• @Bl4ck-C4t made their first contribution in #2335
• @ValekoZ made their first contribution in #2268

Full Changelog: 4.12.0...4.13.0beta0

Release 4.12.0

What's Changed

• Add --libc libc.so argument to pwn template by @peace-maker in #2212
• Add -p (--prefix) and -s (--separator) arguments to hex command by @marcan2020 in #2117
• Allow creating custom templates in user-config directory by @hweissi in #2257
• Allow empty argv in ssh.process() (#2217) by @goreil in #2234
• Add shellcraft.sleep template wrapping SYS_nanosleep by @peace-maker in #2221
• shellcraft: more explicit sleep.asm docstring by @disconnect3d in #2226
• Allow ELF.search(str) by @zt20xx in #2211
• Fix format string badbytes inconsistency by @Arusekk in #1895
• Fix passing arguments on the stack in shellcraft syscall template by @peace-maker in #2219
• Fix remote and listen in sagemath by @peace-maker in #2202
• Don't change log level for Corefile._parse_stack() by @peace-maker in #2222
• Fix crash in serialtube when connection fails by @fercevik729 in #2228
• Use command -v instead of which by @whokilleddb in #1946
• py2: fix long hex in shellcraft etc. by @Arusekk in #2230
• shellcraft/i386: optimize stackhunter by @Arusekk in #2231
• shellcraft/*/freebsd: match linux in switching cs by @Arusekk in #2232
• Replace isSet with is_set as the former is deprecated in 3.10+ by @maple3142 in #2208
• Added MAP_ADD opcode to list of opcodes in safeeval.py by @fercevik729 in #2243
• Do not overwrite global bytes in examples by @peace-maker in #2240
• Decoded data from recv_all in adb.packages to a string by @fercevik729 in #2237
• Remove unused and broken rop.find_stack_adjustment by @fercevik729 in #2249
• Rename wd parameter to cwd in ssh.system and ssh.run_to_end by @peace-maker in #2251
• Fix readline omitting a trailing \n by @peace-maker in #2349
• Add RETURN_CONST as an allowed _const_code in safeeval for Python 3.12 compatibility by @erikleffler in #2352
• Change temp path in install script by @Young-Lord in #2097
• Publish Docker images through CI by @peace-maker in #2236
• ci: stabilize coverage by @Arusekk in #2235
• Keep Github Actions up-to-date with Dependabot by @peace-maker in #2238

New Contributors

• @marcan2020 made their first contribution in #2117
• @maple3142 made their first contribution in #2208
• @zt20xx made their first contribution in #2211
• @fercevik729 made their first contribution in #2228
• @whokilleddb made their first contribution in #1946
• @hweissi made their first contribution in #2257
• @erikleffler made their first contribution in #2352

Full Changelog: 4.11.1...4.12.0

Release 4.12.0beta1

What's Changed

• Fix _countdown_handler not invoking timeout_change; Fix value is valu… by @TanixLu in #2287
• Fix tube.clean_and_log not logging buffered data by @peace-maker in #2272
• FIX: Generated shebang with path to python invalid if path contains spaces by @ksshen0000 in #2285
• shellcraft.aarch64: Fix atexit SEGV in loader by @Arusekk in #2294
• Python 2: Fix installing from source by @peace-maker in #2298

New Contributors

• @TanixLu made their first contribution in #2287
• @ksshen0000 made their first contribution in #2285

Full Changelog: 4.12.0beta0...4.12.0beta1

Release 4.11.1

What's Changed

• Fix _countdown_handler not invoking timeout_change; Fix value is valu… by @TanixLu in #2287
• Fix tube.clean_and_log not logging buffered data by @peace-maker in #2272
• FIX: Generated shebang with path to python invalid if path contains spaces by @ksshen0000 in #2285
• shellcraft.aarch64: Fix atexit SEGV in loader by @Arusekk in #2294
• Python 2: Fix installing from source by @peace-maker in #2298

New Contributors

• @TanixLu made their first contribution in #2287
• @ksshen0000 made their first contribution in #2285

Full Changelog: 4.11.0...4.11.1