execve

understanding requirements for execve and setting environment vars

戏子无情 提交于 2019-12-03 02:25:50
We are having a lot of trouble interpreting our teacher. We asked for clarification and got the following back from him For execve, send it a environment you setup with your exported variables and create a builtin command to spawn a subshell of /bin/bash, that way you can see your exported variables using env. (He is talking about creating our own environment vars here.) Yes create your own. You can start by copying environ when your shell starts and add only exported variables This is related to the following post on Stack Overflow by me (reading this other post will help you understand what

Pass File Descriptor - Execve (typecast)

我的梦境 提交于 2019-12-02 10:43:39
I am wondering how I can pass a file descriptor through the execve() command and then access it on the other side. I know that I can use dup2 to redirect the file-descriptor but I cannot do that. I am required to actually pass the file descriptor to the child and use it in the child. What I have done so far: Parent makes pipe + args like the following: int pfd[2]; if(pipe(pfd) == -1) exitWithError("PIPE FAILED", 1); char *args_1[] = {"reader", argv[1], (char*) pfd, (char *) 0}; Then the child calls execve after fork() like the following: close(pfd[1]); execve("./reader", args_1, NULL); Then,

C execve() parameters [spawn a shell example]

五迷三道 提交于 2019-12-01 01:06:57
I have to fill the parameters for: int execve(const char *filename, char *const argv[], char *const envp[]); If I execute this program: #include <unistd.h> int main() { char *args[2]; args[0] = "/bin/sh"; args[1] = NULL; execve(args[0], args, NULL); } the shell is spawned correctly as expected. My problem is that the shell is spawned correctly also if I pass a NULL as second parameter like that: #include <unistd.h> int main() { char *args[2]; args[0] = "/bin/sh"; args[1] = NULL; execve(args[0], NULL, NULL); } So what's the purpose to use the args vector (with the "/bin/sh" + NULL) as second

using a new path with execve to run ls command

♀尐吖头ヾ 提交于 2019-11-30 23:24:40
I am trying to use execve to run the ls command. Currently I'm running it with the following arguments: execve(args[0], args, env_args) //args looks like {"ls", "-l", "-a", NULL} //env_args looks like {"PATH=/bin", "USER=me", NULL} What I expected this to do was run the ls command using my new env_args meaning that it would look up ls in my PATH. However, this code actually doesn't do anything and when I run the code it just returns to my command prompt without output. Using the same args[] I was using execvp and ls worked and searched my current path. Can you tell me what I am doing wrong?

C execve() parameters [spawn a shell example]

对着背影说爱祢 提交于 2019-11-30 20:30:42
问题 I have to fill the parameters for: int execve(const char *filename, char *const argv[], char *const envp[]); If I execute this program: #include <unistd.h> int main() { char *args[2]; args[0] = "/bin/sh"; args[1] = NULL; execve(args[0], args, NULL); } the shell is spawned correctly as expected. My problem is that the shell is spawned correctly also if I pass a NULL as second parameter like that: #include <unistd.h> int main() { char *args[2]; args[0] = "/bin/sh"; args[1] = NULL; execve(args[0

using a new path with execve to run ls command

做~自己de王妃 提交于 2019-11-30 18:36:01
问题 I am trying to use execve to run the ls command. Currently I'm running it with the following arguments: execve(args[0], args, env_args) //args looks like {"ls", "-l", "-a", NULL} //env_args looks like {"PATH=/bin", "USER=me", NULL} What I expected this to do was run the ls command using my new env_args meaning that it would look up ls in my PATH. However, this code actually doesn't do anything and when I run the code it just returns to my command prompt without output. Using the same args[] I

Re-writing a small execve shellcode

泪湿孤枕 提交于 2019-11-30 10:10:13
Going through http://hackoftheday.securitytube.net/2013/04/demystifying-execve-shellcode-stack.html I understood the nasm program which invokes execve and was trying to re-write it. Some background information: int execve(const char *filename, char *const argv[], char *const envp[]); So, eax = 11 (function call number for execve ), ebx should point to char* filename , ecx should point to argv[] (which will be the same as ebx since the first argument is the *filename itself e.g. "/bin/sh" in this case), and edx will point to envp[] ( null in this case). Original nasm code: global _start section

Re-writing a small execve shellcode

血红的双手。 提交于 2019-11-29 15:56:12
问题 Going through http://hackoftheday.securitytube.net/2013/04/demystifying-execve-shellcode-stack.html I understood the nasm program which invokes execve and was trying to re-write it. Some background information: int execve(const char *filename, char *const argv[], char *const envp[]); So, eax = 11 (function call number for execve ), ebx should point to char* filename , ecx should point to argv[] (which will be the same as ebx since the first argument is the *filename itself e.g. "/bin/sh" in

How to execve a process, retaining capabilities in spite of missing filesystem-based capabilities?

房东的猫 提交于 2019-11-29 07:57:12
I want to make system usable without setuid , file "+p" capabilities, and in general without things which are disabled when I set PR_SET_NO_NEW_PRIVS . With this approach ( init sets PR_SET_NO_NEW_PRIVS and filesystem-based capability elevation no longer possible) you cannot "refill" your capabilities and only need to be careful not to "splatter" them. How to execve some other process without "splattering" any granted capabilities (such as if the new program's file is setcap =ei )? Just "I trust this new process as I trust myself". For example, a capability is given to a user (and the user

How to execve a process, retaining capabilities in spite of missing filesystem-based capabilities?

自闭症网瘾萝莉.ら 提交于 2019-11-28 01:21:12
问题 I want to make system usable without setuid , file "+p" capabilities, and in general without things which are disabled when I set PR_SET_NO_NEW_PRIVS. With this approach ( init sets PR_SET_NO_NEW_PRIVS and filesystem-based capability elevation no longer possible) you cannot "refill" your capabilities and only need to be careful not to "splatter" them. How to execve some other process without "splattering" any granted capabilities (such as if the new program's file is setcap =ei )? Just "I