标准输入,标注输出,标注错误输出 【stdin,stdout,stderr】
level 1 重定向 标准输出 写入文件
echo PWN > COLLEGE
level 2 重定向 程序输出 写入文件
/challenge/run > myflag
level 3 重定向追加写入
/challenge/run >> the-flag
level 4 重定向错误输出
等价于 1> ,fd为1【标准输出】。
0>标准输入, 2>标准错误输出
/challenge/run > myflag 2> instructions # 程序两个输出分别重定向
level 5 重定向输入文件内容给程序
echo COLLEGE > PWN /challenge/run < PWN
level 6 grep筛选指定数据行【将输出数据存储后筛选】
grep "pwn.college" data.txt pwn.college{w8bTSXyLhnyY7JYcKUjjRANXKKk.dhTM4QDLwYTM2QzW}
level 7 grep 与 | 筛选指定数据行【不存储直接筛选】
./run | grep pwn.college pwn.college{Uo2csJwSWCIW7jC3hmF2VnSw1rM.dlTM4QDLwYTM2QzW}
level 8 标准错误输出重定向到标准输出并使用grep筛选
“|”运算符仅将标准输出重定向到另一个程序,并且不存在运算符的“2|”形式!
它可以重定向标准输出(文件描述符1)。
hacker@piping~grepping-errors:/challenge$ ./run 2>&1| grep pwn.college [INFO] WELCOME! This challenge makes the following asks of you: [INFO] - the challenge checks for a specific process at the other end of stderr : grep [INFO] - the challenge will output a reward file if all the tests pass : /challenge/.data.txt [HYPE] ONWARDS TO GREATNESS! [INFO] This challenge will perform a bunch of checks. [INFO] If you pass these checks, you will receive the /challenge/.data.txt file. [TEST] You should have redirected my stderr to another process. Checking... [TEST] Performing checks on that process! [INFO] The process' executable is /usr/bin/grep.' [INFO] This might be different than expected because of symbolic links (for example, from /usr/bin/python to /usr/bin/python3 to /usr/bin/python3.8). [INFO] To pass the checks, the executable must be grep. [PASS] You have passed the checks on the process on the other end of my stderr! [PASS] Success! You have satisfied all execution requirements. pwn.college{Ad3t-Y49HHZS2fcpBJXEfTtDtRw.dVDM5QDLwYTM2QzW}
level 9 【⭐⭐⭐】
将一个bash文件运行【添加特定参数】的输出数据**通过管道符**传递给另一个bash文件【不能改变第二个bash文件内容】通过第二个bash获得flag。
hacker@piping~duplicating-piped-data-with-tee:/challenge$ /challenge/pwn --secret 8hKE-9lb | /challenge/college Processing... Correct! Passing secret value to /challenge/college... Great job! Here is your flag: pwn.college{8hKE-9lbCSPdTOscjCaM6nWkxCO.dFjM5QDLwYTM2QzW}
tee命令
When you pipe data from one command to another, you of course no longer see it on your screen. This is not always desired: for example, you might want to see the data as it flows through between your commands to debug unintended outcomes (e.g., "why did that second command not work???"). Luckily, there is a solution! The `tee` command, named after a "T-splitter" from _plumbing_ pipes, duplicates data flowing through your pipes to any number of files provided on the command line. For example: ```console hacker@dojo:~$ echo hi | tee pwn college hi hacker@dojo:~$ cat pwn hi hacker@dojo:~$ cat college hi hacker@dojo:~$
As you can see, by providing two files to tee, we ended up with three copies of the
piped-in data: one to stdout, one to the pwn file, and one to the college file.
You can imagine how you might use this to debug things going haywire:
hacker@dojo:~$ command_1 | command_2 Command 2 failed! hacker@dojo:~$ command_1 | tee cmd1_output | command_2 Command 2 failed! hacker@dojo:~$ cat cmd1_output Command 1 failed: must pass --succeed! hacker@dojo:~$ command_1 --succeed | command_2 Commands succeeded!
Now, you try it!
This process’ /challenge/pwn must be piped into /challenge/college,
but you’ll need to intercept the data to see what pwn needs from you!
```shell 当您将数据从一个命令管道传输到另一个命令时,您当然不会再在屏幕上看到它。 这并不总是可取的:例如,您可能希望看到数据在命令之间流动,以调试意外结果 (例如,“为什么第二个命令不起作用??”)。 幸运的是,有一个解决方案! “tee”命令以_pluming_pipes中的“T形拆分器”命名, 它将流经管道的数据复制到命令行上提供的任意数量的文件中。 例如: ```console hacker@dojo:~$ echo hi | tee pwn college hi hacker@dojo:~$ cat pwn hi hacker@dojo:~$ cat college hi hacker@dojo:~$
正如您所看到的,通过向“tee”提供两个文件,我们最终得到了管道输入数据的三个副本:一个到stdout,一个到“pwn”文件,一个给“college”文件。
您可以想象如何使用它来调试失控的事情:
hacker@dojo:~$ command_1 | command_2 Command 2 failed! hacker@dojo:~$ command_1 | tee cmd1_output | command_2 Command 2 failed! hacker@dojo:~$ cat cmd1_output Command 1 failed: must pass --succeed! hacker@dojo:~$ command_1 --succeed | command_2 Commands succeeded!
现在,你试试看!
这个过程“/chamlley/pwn”必须通过管道传输到“/chamble/college”,但您需要截取数据,看看“pwn”需要从您那里得到什么!
