Passing Input
Often, you need to pass hex input to your programs, which may be difficult to do. Here are some techniques to accomplish this.
is really useful for passing data, both locally and remotely.
Connect:
Receive data:
Send data:
Convert values to bytes:
Receive as much input as you're given:
This is a bit convoluted but it works:
Warning: This didn't work properly for a more complex payload :(
You'll probably have better luck if you start up a gdbserver with hex parameters and then connect to that gdbserver using radare2. But it might still be unreliable. Honestly, GDB sucks but at least it's reliable, so consider using that...
You need to make a radare2 profile, args.rr2:
Then pass in that profile:
You can use echo -e:
Or you can use this:
The following will pass the letter “A” to some-program as a program parameter:
Warning: This doesn't want to work well together with radare2, which inserts unnecessary symbols (like a `\` symbol before a space)
Here's how I got the hex representation of a payload. I'm sure there's a better way to do it, but it works:
If you want to pass hex on the command line by typing it in yourself via stdin, then this is one way to do it:
You’re reading stdin with cat, passing that into echo -e and piping it into net-zero. The good thing is that you don’t have to read the input before the program is executed, you can do it while it’s executed.
So what will happen is that net-zero will execute and ask for your input. You can type in some input, for example \xae\r\x7fJ, add a newline and press CTRL+d. CTRL+d passes the END OF TRANSMISSION byte to cat, which stops reading from stdin and passes the input to the program.
If you’re wondering where the \xae\r\x7fJ came from, then that is the format string representation of the integer 1249840558, which I got using Python:
This will read predefined input from input.txt into stack-five, after which input from stdin will be passed. This is useful for getting a shell and then passing commands to that shell from stdin.
You can create a script to output the necessary bytes. Take a look at this for an example.
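An added example of such a script (not code from the original page): it packs the integer 1249840558 mentioned above into little-endian bytes, renders them in the `\xNN` form that `echo -e` accepts, and feeds the raw bytes to a program's stdin. The function names and the stand-in target program are assumptions made for illustration.

```python
import struct
import subprocess
import sys


def pack_u32_le(value: int) -> bytes:
    """Pack an unsigned 32-bit integer as 4 little-endian bytes."""
    return struct.pack("<I", value)


def to_echo_escapes(data: bytes) -> str:
    """Render every byte as \\xNN so the string can be given to `echo -e`.

    Escaping all bytes (printable ones too) avoids surprises with
    characters such as \\r or spaces that shells and tools may alter.
    """
    return "".join(f"\\x{b:02x}" for b in data)


def from_echo_escapes(text: str) -> bytes:
    """Inverse of to_echo_escapes, for checking a fully escaped payload."""
    return bytes.fromhex(text.replace("\\x", ""))


# Constructed stand-in for the target program (hypothetical): it reads
# 4 raw bytes from stdin and prints them as an unsigned little-endian int.
TARGET = [
    sys.executable,
    "-c",
    "import sys, struct; "
    "print(struct.unpack('<I', sys.stdin.buffer.read(4))[0])",
]


def feed_stdin(argv, payload: bytes) -> str:
    """Run argv with payload on its stdin and return its stdout as text."""
    result = subprocess.run(argv, input=payload, capture_output=True, check=True)
    return result.stdout.decode().strip()


if __name__ == "__main__":
    payload = pack_u32_le(1249840558)
    print(payload)                      # raw bytes as Python shows them
    print(to_echo_escapes(payload))     # string to paste after `echo -e`
    print(feed_stdin(TARGET, payload))  # what the target decoded
```
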