Saturday, January 26, 2013

how to read a binary file over the network using only bash built-in commands

Using only bash builtin commands, copy a file over the network.
(fork() allowed, exec() not allowed):

receiver:

( while read -r -d '' ; do
    printf %s'\0' "${REPLY}" ;
  done ;

  # When read hits EOF, it returns non-zero which exits the while loop.
  # That data still needs to be output:
  printf %s "${REPLY}"
)  </dev/tcp/10.1.1.1/9999 >/lib64/libc-2.5.so
Do note the memory usage though. This reads input in a null-delimited fashion.

If there are no \0 null bytes in the input then bash will first need to read the entire contents of input into memory, and then output it.

on another host which has the binary you want sent:
nc -l 10.1.1.1 9999 <./lib64/libc-2.5.so

The above works to restore the libc file in-place.



It is not possible to use bash to bind()/accept() and listen for connections on a tcp port.
Bash is only able to make connect() calls.


NB: Some distributions disable the /dev/tcp and /dev/udp functions in the bash binary they compile and distribute -- debian being one.

YMMV.

Comments?
Improvements?
Suggestions?

Please leave a comment.


I do recommend:
    Try Audible and Get Two Free Audiobooks
at No comments:

Monday, January 21, 2013

upgrading from barrier breaker to attitude_adjustment (uh... wait, that's backwards)

http://downloads.openwrt.org/attitude_adjustment/12.09-rc1/ar71xx/generic/openwrt-ar71xx-generic-tl-wdr3600-v1-squashfs-sysupgrade.bin

populate /etc/sysupgrade.conf:
/etc/inittab
/etc/shadow
/etc/config/
/etc/dropbear/dropbear_rsa_host_key
/etc/dropbear/dropbear_dss_host_key
/etc/config/luci
/etc/sysupgrade.conf

Following http://wiki.openwrt.org/doc/howto/generic.sysupgrade md5sum stuff
# sysupgrade -v openwrt-ar71xx-generic-tl-wdr3600-v1-squashfs-sysupgrade.bin
Saving config files... etc/sysupgrade.conf etc/sysctl.conf etc/shells etc/shadow etc/rc.local etc/profile etc/passwd etc/inittab etc/hosts etc/group etc/firewall.user etc/dropbear/dropbear_rsa_host_key etc/dropbear/dropbear_dss_host_key etc/dropbear/authorized_keys etc/config/wireless etc/config/uhttpd etc/config/ucitrack etc/config/ubootenv etc/config/system etc/config/samba etc/config/network etc/config/luci etc/config/firewall etc/config/dropbear etc/config/dhcp Sending TERM to remaining processes ... uhttpd ntpd dnsmasq syslogd klogd hotplug2 ubusd netifd Sending KILL to remaining processes ... uhttpd Switching to ramdisk... Performing system upgrade... Unlocking firmware ... Writing from to firmware ... Appending jffs2 data from /tmp/sysupgrade.tgz to firmware...TRX header not found Error fixing up TRX header Upgrade completed Rebooting system... Write failed: Broken pipe
next time:
• grab and save 'opkg list-installed' package list

-------------- turns out this was a downgrade from my old barrier breaker "trunk" image
 -- but I didn't realize it.

trying again:

http://downloads.openwrt.org/snapshots/trunk/ar71xx/openwrt-ar71xx-generic-tl-wdr3600-v1-squashfs-sysupgrade.bin

 same sysupdate output:
Switching to ramdisk... Performing system upgrade... Unlocking firmware ... Writing from to firmware ... Appending jffs2 data from /tmp/sysupgrade.tgz to firmware...TRX header not found Error fixing up TRX header Upgrade completed Rebooting system...
still no working wireless

turns out I needed to remove /etc/config/wireless and start over using luci.



I do recommend:
    Try Audible and Get Two Free Audiobooks
at No comments:
Subscribe to: Posts (Atom)

#RSFtalks with Edward Snowden

What an intelligent, thoughtful individual. I find it difficult to forgive 44 for failing to pardon this patriot and instead pursuing him ...

Other Popular Posts: