set environment variable in GDB from output of com

2020-06-24 08:16发布

I am trying to exploit a buffer overflow in a challenge, the buffer gets it's value from an environment variable. In GDB I know that you can set environment variables using the command:

set environment username = test

However I need to pass the username variable special characters, so I need to do something like:

set environment username= $(echo -e '\xff\x4c......')

But that command doesn't get executed and the username variable contains literally what I wrote down, does anybody know a trick to pass special characters to an environment variable?

标签： linux command-line gdb environment-variables command-substitution

2条回答

仙女界的扛把子

2楼-- · 2020-06-24 08:32

When starting gdb from shell command-line, you can specify which program to run, with which arguments (with --args), and even modify the environment of the program with the help of env!

I just did it successfully like this:

gdb --ex=run --args env LD_BIND=now LD_DEBUG=libs \
apt-get install --yes $(cat pkgs-to-install-to-crash-apt)

--ex=run is to ask gdb to run it immediately.

0人赞添加讨论(0) 举报

等我变得足够好

3楼-- · 2020-06-24 08:47

Well, if you really need to do it from GDB, here is one example:

hello.c

#include <stdlib.h>
#include <stdio.h>

int main(int argc, char** argv) {
    printf("argv[1]=%s\n", argv[1]);
    printf("VAR=%s\n", getenv("VAR"));
    return 0;
}

Example:

$ gcc -g -o hello hello.c
$ gdb ./hello
...
(gdb) set exec-wrapper bash -c 'exec env VAR="`echo myEnv`" "$@"' --
(gdb) r myArg
...
argv[1]=myArg
VAR=myEnv

Change VAR and echo myEnv to a variable and command you need.

But note that setting VAR from shell before starting GDB also works:

$ VAR=`echo Hey there` gdb ./hello
...
(gdb) r myArg
...
argv[1]=myArg
VAR=Hey there

0人赞添加讨论(0) 举报

set environment variable in GDB from output of com

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间