Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

bash - Type characters in hexadecimal notation to standard input

I'd like to write non-ASCII characters (0xfe, 0xed, etc) to a program's standard input.

There are a lot of similar questions to this one, but I didn't find an answer, because:

  • I want to write single-byte characters, not unicode characters
  • I can't pipe the output of echo or something

On OS X¹ you can test with:

nm - -

I'd like to write object files magic bytes (e.g. 0xfeedface) to nm using standard input so I can see how it does behave and I can recode it.

If I use a pipe then the second argument -, which means stdin, will never match any bytes since all the standard input will go to the first one. When using a terminal instead of a pipe, I can type Ctrl + D so the first one gets 'closed' and the second one start reading.

I tried with Ctrl + Shift + U and the Unicode Hex Input of OS X but it doesn't work -- I can't write the desired characters with it.

I also tried with the clipboard with pbcopy but it fails to read/paste non-ASCII or non-unicode characters.

How can I achieve my goal?

Don't hesitate to edit as this was a difficult question to express.

¹ The nm on linux does not handle stdin.

like image 797
Bilow Avatar asked Jan 10 '17 00:01

Bilow


2 Answers

You can echo your desired hex code into a file.

echo -e -n '\xde\xad\xbe\xef\xde\xad\xbe\xef' >/tmp/yo

or

echo -en \\xde\\xad\\xbe\\xef\\xde\\xad\\xbe\\xef >/tmp/yo

and make your executable to read from this file instead of stdin

./executable </tmp/yo

If you don't wan't to create a file, here's an alternative

python -c 'print("\x61\x62\x63\x64")' | /path/to/exe

If you want stdin control to be transferred back (in case if you're trying to execute an interactive shell --> we need a subshell to keep sending inputs to stdin. Otherwise, after the first input, the executable would exit as it is not going to get anything further on stdin)

( python -c 'print("\x61\x62\x63\x64")' ; cat ) | /path/to/exe

Python does some juggling with the bytes. So, incase of Python3, you'll have to do the following :

( python -c 'import sys; sys.stdout.buffer.write(b"\x61\x62\x63\x64")' ; cat ) | /path/to/exe

This answer helped me : https://reverseengineering.stackexchange.com/questions/13928/managing-inputs-for-payload-injection

like image 62
Ajmal Moochingal Avatar answered Nov 15 '22 04:11

Ajmal Moochingal


Try a util like xxd:

# echo hex 52 to pipe, convert it to binary, which goes to stdout
echo 52 | xxd -r ; echo
R

Or for a more specialized util try ascii2binary (default input is decimal):

# echo dec 52 to pipe, convert it to binary, which goes to stdout
echo 52 | ascii2binary  ; echo
4

# echo base11 52 to pipe, convert it to binary, which goes to stdout
echo 52 | ascii2binary -b 11 ; echo
9

Or dump a series of hex chars, showing what hexdump sees:

echo 7 ef 52 ed 19 | ascii2binary -b h  | \
    hexdump -v  -e '/1  "%_ad#  "' -e '/1 " _%_u\_\n"'
0#   _bel_
1#   _ef_
2#   _R_
3#   _ed_
4#   _em_

See man xxd ascii2binary for the various tricks these utils can do.

like image 24
agc Avatar answered Nov 15 '22 04:11

agc