使用子进程的Python利用
[英]Python exploit using subprocess
问题描述
I have a small program (Program A) that asks for a password, and if the password is correct, it opens a shell. 
我有一个小程序(程序A),要求输入密码,如果密码正确,它将打开一个外壳。 I want to make another program (Program B) in python that calls Program A and gives the password as input, so that the shell is opened. 我想在python中制作另一个程序(程序B),该程序调用程序A并提供密码作为输入,以便打开外壳。
I'm doing the following, but the program just terminates, without letting me use the shell. 我正在执行以下操作,但是该程序只是终止了,没有让我使用外壳。
p = subprocess.Popen("./ProgramA", stdin=subprocess.PIPE)
p.communicate("password")
When running Program B my terminal looks like: 运行程序B时,我的终端如下所示:
~/Desktop/$./ProgramB
Password: Here is your shell.
~/Desktop/$ (this is not the shell opened by program A)
How can I fix this? 我怎样才能解决这个问题?
3 个解决方案
解决方案1
0 2014-05-19 15:27:01
The shell started by ProgramA inehrits stdin from its parent process, so it inherits the pipe. 由ProgramA启动的shell从其父进程中继承了stdin,因此它继承了管道。 The pipe is already closed at that point, so the shell exits. 此时管道已经关闭,因此外壳退出。
You would want to keep the terminal as stdin, but then it will be hard to fake the password input. 您可能希望将终端保留为stdin,但是很难伪造密码输入。
解决方案2
0 2014-05-19 15:29:34
Popen.communicate() closes stdin of the subprocess and waits until it terminates - it is expected behaviour. Popen.communicate()关闭子Popen.communicate() stdin并等待直到它终止-这是预期的行为。 What you need is simply p.stdin.write("password") . 您只需要p.stdin.write("password") 。
解决方案3
0 2014-05-19 16:12:56
Assuming this is linux or osx, programs typically operate differently if stdin is a pipe instead of a terminal and they also "step around" stdin and read the terminal for the password. 假设这是linux或osx,如果stdin是管道而不是终端,则程序通常会以不同的方式运行,并且它们也“绕过” stdin并读取终端以获取密码。 In your case, the program likely saw no terminal and exited. 在您的情况下,程序可能没有看到终端并退出。 Try using the python pexpect module or read its source to see how to open a pty for stdin. 尝试使用python pexpect模块或阅读其源代码,以了解如何为stdin打开pty。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.