1

I was trying to send a string to another application running on a server (which I do not have access to). The string includes null characters. Now I noticed that when I run the following code in a script,

print('abc\x00\x91\x11\x01123')

the output is: abc\x00\x91\x11123.

Athought when I run the same code in the terminal:

python -c 'print("abc\x00\x91\x11\x01123")'

I get as output: abc�123

Which is the desired output in my case. Why do both outputs differ? How do I get the second output when running the print function in a script?

EDIT: I figured out what was causing the difference. pwntools caused that behaviour. But I still can't really figure out why. The following code:

#!/usr/env/python
import pwn

print('abc\x00\x91\x11\x01123')

results in

abc\x00\x91\x11123

When I do not import pwn, the result is as expected: abc�123.

MMikkk
  • 45
  • 7
  • I cannot imagine how you could ever get `abc\x00\x91\x11123` as output of `print('abc\x00\x91\x11\x01123')`. That is simply wrong. What exactly did you do to get that output? – zvone Apr 14 '19 at 16:40
  • I figured out that it an import caused this behaviour. – MMikkk Apr 14 '19 at 17:30

2 Answers2

0

There is actually no difference. Your problem is elsewhere but not in the difference of interpretation between in a terminal and in a script.

Here is the output I have locally for your example:

[cecile@CC-PC ~]$ python
Python 3.5.3 (default, Jan 19 2017, 14:11:04)
[GCC 6.3.0 20170118] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> print('abc\x00\x91\x11\x01123')
abc_123
>>>
[cecile@CC-PC ~]$ python -c 'print("abc\x00\x91\x11\x01123")'
abc_123

On this machine the non-printable characters seems to be replaced by _ but the point here is that, as you can see, the result is the same in the interpreter and in the terminal.

Cecile
  • 1,553
  • 1
  • 15
  • 26
  • This does not really answer the question. It only says that the question is invalid. Such comments belong in the _comments_ section, not in the answers. – zvone Apr 14 '19 at 16:44
  • It's easier to demonstrate in the answer with proper code identation than in a comment. Besides I can always update it later when there is more input. – Cecile Apr 14 '19 at 16:58
  • I figured out that it an import caused this behaviour. This is weird. How could an import alter the print function. The import such as I descripted it in the EDIT part is not supposed to change anything is it? – MMikkk Apr 14 '19 at 17:32
  • I have no idea. This is the first time I see this but it's good that you found it :) Check the doc, maybe there is info about it – Cecile Apr 14 '19 at 18:14
0

I hope this qualifies as answer in Stack Overflow standards.

If you play with grenade, treat is like grenade, not a toy. PWN tools seem to be some script-kiddies tools for exploitation. If you would read the first few paragraphs of the documentation, you would find the following:

As stated, we would also like to have the ability to get a lot of these side-effects by default. That is the purpose of this module. It does the following:

[...]Calls pwnlib.term.init() to put your terminal in raw mode and implements functionality to make it appear like it isn’t.

You have been warned, however you haven't RTFM.

Community
  • 1
  • 1
Michał Fita
  • 1,183
  • 1
  • 7
  • 24