bash 如何在linux bash中输入ASCII码“00”和“01”?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/15308226/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to type ASCII code "00" and "01" in linux bash?
提问by Brian
I have program which looks like this:
我有看起来像这样的程序:
/* buf_overflow.c */
#include <stdio.h>
int main(){
char buf[4];
char exploit_buf[4];
fgets(buf, 4, stdin);
gets(exploit_buf);
printf("exploit_buf: %s\n", exploit_buf);
return 0;
}
I'm going to use the vulnerability of "gets" function to buffer-overflow some other variables. The value that I want to write to "exploit_buf" is "AAAAAAAA\x01\x00\x00\x00", but i don't know how to send ASCII codes "01" and "00" into exploit_buf.
我将利用“gets”函数的漏洞来缓冲溢出一些其他变量。我想写入“exploit_buf”的值是“AAAAAAAAA\x01\x00\x00\x00”,但我不知道如何将ASCII码“01”和“00”发送到exploit_buf。
I know that using this command "printf "AAAAAAAA\x01\x00\x00\x00"" can type the characters that I want, but I don't know how to send them into exploit_buf. I also know that Alt+(number keys on the right of the keyboard) can generate characters from the ASCII code I typed, but this doesn't work in my program either.
我知道使用这个命令"printf "AAAAAAAAA\x01\x00\x00\x00"" 可以输入我想要的字符,但我不知道如何将它们发送到exploit_buf。我也知道 Alt+(键盘右侧的数字键)可以从我输入的 ASCII 代码生成字符,但这在我的程序中也不起作用。
The main problem is "how can I skip the first function "fgets()" and type arbitrary ASCII code in "gets()"".
主要问题是“如何跳过第一个函数“fgets()”并在“gets()”中键入任意 ASCII 代码”。
Anyone knows how to type arbitrary ASCII code in the command line of linux?
有人知道如何在linux的命令行中输入任意ASCII码吗?
回答by nneonneo
You can use echo -e:
您可以使用echo -e:
$ echo -ne 'AAAAAAAA\x01\x00\x00\x00' | python -c 'import sys; print repr(sys.stdin.read())'
'AAAAAAAA\x01\x00\x00\x00'
-eallows echoto interpret escape codes, and -nsuppresses the trailing newline.
-e允许echo解释转义码,并-n抑制尾随的换行符。
Note that the Python program prints out the string representation of what it received, which is exactly what we sent in using echo.
请注意,Python 程序打印出它接收到的内容的字符串表示形式,这正是我们使用echo.
For more complex exploit strings, it's not uncommon to simply use Perl or Python to build the exploit string directly:
对于更复杂的漏洞利用字符串,简单地使用 Perl 或 Python 直接构建漏洞利用字符串并不少见:
$ perl -e 'print "A" x 1024 . "echo $'printf 'whatever' | myprogram
0##代码##1' > file1
##代码####代码##"' | ./buf_overflow
回答by Deepu
Type the following command in terminal.
在终端中键入以下命令。
##代码##This will save the values of ASCII Character 1 and ASCII Character 2 into a file named file1. Now you can read this in to your buffer exploit_buf.
这会将 ASCII 字符 1 和 ASCII 字符 2 的值保存到名为 file1 的文件中。现在您可以将其读入您的缓冲区exploit_buf。
回答by paxdiablo
Since it's just getting input from standard input, you can just pipe the output of your printfinto it:
由于它只是从标准输入获取输入,因此您可以将输出通过管道传输printf到其中:
回答by Benjiman
Great example from nneonneo.
来自 nneonneo 的好例子。
However if you wish to type them in directly without help from a script you can change your keyboard config to use the "USA International (AltGr dead keys)" mode (under System -> Preferences -> Keyboard -> Layout) then you can use special symbols easily by using the right alt button. Examples - é is rAlt+e. ° is rAlt-shift-0-0 (press 0 twice while holding the other buttons).
但是,如果您希望在没有脚本帮助的情况下直接输入它们,您可以更改键盘配置以使用“美国国际(AltGr 死键)”模式(在系统 -> 首选项 -> 键盘 -> 布局下),然后您可以使用使用正确的 alt 按钮可以轻松地使用特殊符号。示例 - é 是 rAlt+e。° 是 rAlt-shift-0-0(按住其他按钮的同时按 0 两次)。
