#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This exploit template was generated via:
# $ vagd {cmd_args}
from pwn import *
{modules}

GOFF   = 0x555555554000                               # GDB default base address
IP     = {ip:<44s} # remote IP
PORT   = {port:<44s} # remote PORT
BINARY = {binary:<44s} # PATH to local binary
ARGS   = []                                           # ARGS supplied to binary
ENV    = {env:<44s} # ENV supplied to binary
BOX    = {box:<44s} # Docker box image
{ad_env}
# GDB SCRIPT, executed at start of GDB session (e.g. set breakpoints here)
GDB    = f"""
set follow-fork-mode parent

c"""

context.binary = exe = ELF(BINARY, checksec=False)    # binary
context.aslr = {aslr:<5s}                                  # ASLR enabled (only GDB)

{aliases}

# setup vagd vm
vm = None
def setup():
  global vm
  if args.REMOTE or {is_local}{is_ad}:
    return None

  try:
    # only load vagd if needed
    from vagd import {dependencies}, Box
  except ModuleNotFoundError:
    log.error('Failed to import vagd, run LOCAL/REMOTE or install it')
  if not vm:
    {vms}
  if vm.is_new:
    # additional setup here
    log.info('new vagd instance')

  return vm


# get target (pwnlib.tubes.tube)
def get_target(**kw):
  if args.REMOTE{is_ad}:
    # context.log_level = 'debug'
    return remote(IP, PORT)

  if {is_local}:
    if args.GDB:
      return gdb.debug([BINARY] + ARGS, env=ENV, gdbscript=GDB, **kw)
    return process([BINARY] + ARGS, env=ENV, **kw)

  return vm.start(argv=ARGS, env=ENV, gdbscript=GDB, **kw)


vm = setup()

#===========================================================
#                   EXPLOIT STARTS HERE
#===========================================================
{info}
# libc = ELF({libc}, checksec=False)

t = get_target()

t.interactive() # or it()
