Can bash be executed with stdin and stdout being a tcp socket

To give some context, I am trying to learn about pseudo-terminals (pty). A pseudo-terminal appears to a user process (bash for example) as if it was a real one. This allows you to do all sorts of good stuff like telnet, ssh, etc.

My question is, for something like telnet, is it possible to just "exec" bash and set the stdin and stdout to be the tcp connection of the remote client machine? Because if that is possible, then I don't fully understand the value of using a pseudo-terminal.

Yes, it's possible - and in fact this is how lots of "shellcode" exploits against network services traditionally gave the attacker a shell - but you won't be able to control it interactively to the extent you normally would. This is because a socket is not a tty. It can't translate bytes sent over the line into signals for the attached process (things like ^C, ^Z, etc.), it can't send EOFs as data, it can't do job control (suspend on ^Z, suspend on input when in background, etc.), and it can't convey mode switches (canonical/"cooked" mode versus raw mode).
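The byte-to-signal translation described in the answer, as an added example that is not part of the original post: the same byte 0x03 (^C) is sent to a child whose stdin is a pty slave and to a child whose stdin is a socket. Assumptions: a local `socket.socketpair()` stands in for the TCP connection (neither is a terminal device), the function names are hypothetical, and the platform is POSIX.

```python
import os, pty, signal, socket

def _fate(pid):
    """Reap the child and report how it ended."""
    _, status = os.waitpid(pid, 0)
    if os.WIFSIGNALED(status):
        return ("killed", signal.Signals(os.WTERMSIG(status)).name)
    return ("read byte", os.WEXITSTATUS(status))

def _child():
    """Child body: signal readiness, then block reading one byte from stdin."""
    try:
        signal.signal(signal.SIGINT, signal.SIG_DFL)
        os.write(1, b"R")
        os._exit(os.read(0, 1)[0])   # exit status = the byte that arrived as data
    finally:
        os._exit(255)                # never fall back into the parent's code

def ctrl_c_over_pty():
    pid, master = pty.fork()         # child: new session, pty slave is its controlling tty
    if pid == 0:
        _child()
    os.read(master, 1)               # wait for the child's "R"
    os.write(master, b"\x03")        # line discipline turns VINTR into SIGINT
    fate = _fate(pid)
    os.close(master)
    return fate

def ctrl_c_over_socket():
    ours, theirs = socket.socketpair()   # assumption: stands in for the TCP connection
    pid = os.fork()
    if pid == 0:
        ours.close()
        os.dup2(theirs.fileno(), 0)
        os.dup2(theirs.fileno(), 1)
        _child()
    theirs.close()
    ours.recv(1)                     # wait for the child's "R"
    ours.sendall(b"\x03")            # no tty layer: delivered as an ordinary byte
    fate = _fate(pid)
    ours.close()
    return fate

if __name__ == "__main__":
    print("pty:   ", ctrl_c_over_pty())      # ('killed', 'SIGINT')
    print("socket:", ctrl_c_over_socket())   # ('read byte', 3)
```

The pty child never sees the byte at all: the kernel's line discipline consumes it and signals the foreground process group, which is the layer a bare socket lacks.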
