Reverse engineering

Reverse engineering

Use pwngdb and pwntools

Use C-functions in python

import ctypes
libc = ctypes.CDLL('libc.so.6')
for i in range(255):
    libc.srand(i)
    mapping[libc.rand()] = chr(i)

Access value from an ELF using pwntools

from pwn import *
e = ELF("./casino", checksec=False)
val = e.u32(e.sym["check"] + j * 4)