
I was trying to make `read` return 0 in a program (the one in the while loop), and then execute the second `read` properly, which worked perfectly by hand, with CTRL-D. However, I wanted to do the same in pwntools (`p = process("./test")`). I have already tried to send the EOF character with `p.sendline("\x04")` but it didn't work. The program took the input like "\x0a\x04". `p.send()` doesn't change anything. This is my test program:

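```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>   /* read() */

int main(void) {
   char buf[24];
   /* Loop until read() reports end of input (returns 0). */
   while(1) {
      if(read(0,buf,16)==0) {
         break;
      }
   }
   /* Second read: only gets data if stdin is still usable after the EOF. */
   read(0,buf,16);
   return 0;
}
```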

I hope someone can help me.

BitFriends
  • `EOF` is not a character. It's a signal. As in ... if you ask your friend how much money there is in their bank account and they answer "Go to hell" ... "Go to hell" is not an amount of money in a bank account. Simply close `p` and the environment you're in will probably send the right signal to your listening program. – pmg Feb 02 '21 at 13:55
  • @pmg Ok cool thanks, but if we imagine the program continues afterwards, I can't just close the program. Is there a way to make read just return null and continue? This works with `CTRL-D` – BitFriends Feb 02 '21 at 13:59
  • `have already tried to send the eof character with p.sendline("\x04")` what is `p`? – KamilCuk Feb 02 '21 at 14:00
  • Don't close the program you've shown. Close `p` ... whatever that is ... like typing `Ctrl+D` "closes" the keyboard. – pmg Feb 02 '21 at 14:01
  • I edited the question, maybe it's more clear now – BitFriends Feb 02 '21 at 14:03
  • maybe `p.release()`, `p.disconnect()`, `p.close()`, `p.destroy()`, `p.hangup()`... don't know "pwntools" ... maybe `process("./test")` isn't the right tool for what you are trying to do – pmg Feb 02 '21 at 14:07
  • @pmg I love the bank account analogy, but it's probably a bad idea to use the word "signal". Too much baggage, and may cause confusion since `^C` does send a signal while `^D` does not. Perhaps say that EOF is an indicator, or a flag, or something. – William Pursell Feb 02 '21 at 14:24
  • Noted, and agreed @WilliamPursell – pmg Feb 02 '21 at 14:40
  • From [what I can tell](http://docs.pwntools.com/en/stable/tubes/processes.html), by default, `pwnlib.tubes.process.process` uses a pipe for the spawned process's standard input. If standard input is a pipe, `read` won't return 0 until the other end of the pipe has been closed and all data in the pipe has been read. However, you can tell it to use a PTY (pseudo terminal) for standard input, which would allow interactive control as though the input was being entered from a terminal. – Ian Abbott Feb 02 '21 at 14:52

1 Answer

It depends on the type of connection.

If it is a pipe or a socket, there is no other way than closing the connection.

But if it is a pseudo-terminal (you can enforce it in pwntools by using `process(..., stdin=PTY)`), you can use the terminal line editing capabilities of the operating system (see termios(3) for the description of canonical mode) and send it an EOF mark with `p.send(b'\4')` (i.e. Ctrl+D).

So your final code should look something like:

```python
from pwn import *

p = process('./test', stdin=PTY)
p.send(b'\4')  # mind the b before binary data literal (text is not bytes)

# then something else maybe
p.interactive()
```
Arusekk
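The pipe-versus-PTY difference described in this answer, shown with only the Python standard library instead of pwntools. This is an added example, not part of the original answer; it assumes Linux, and the function names `pipe_reads` and `pty_reads` are hypothetical.

```python
import os
import termios


def pipe_reads():
    """On a pipe, 0x04 is ordinary data; read() returns b'' only after close."""
    r, w = os.pipe()
    os.write(w, b"\x04")
    first = os.read(r, 16)       # the byte is delivered to the reader as data
    os.close(w)
    second = os.read(r, 16)      # writer closed: now read() returns 0 bytes
    os.close(r)
    return first, second


def pty_reads():
    """On a PTY in canonical mode, the VEOF character ends the pending read."""
    master, slave = os.openpty()
    try:
        attrs = termios.tcgetattr(slave)
        # Make sure line editing (canonical mode) is on, and silence echo.
        attrs[3] = (attrs[3] | termios.ICANON) & ~termios.ECHO
        termios.tcsetattr(slave, termios.TCSANOW, attrs)
        veof = attrs[6][termios.VEOF]    # configured EOF character (Ctrl+D)
        results = []
        # Constructed input: EOF at line start, EOF mid-line, EOF again, a line.
        for chunk in (veof, b"abc" + veof, veof, b"next\n"):
            os.write(master, chunk)
            results.append(os.read(slave, 16))
        return veof, results
    finally:
        os.close(master)
        os.close(slave)


if __name__ == "__main__":
    print("pipe:", pipe_reads())
    print("pty: ", pty_reads())
```

Only an EOF character at the start of a line produces a zero-length read; after pending input it just flushes that input to the reader without a newline. For the same reason a newline sent right after the EOF character (as `sendline` would do) arrives as a separate line at the next `read`.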