0

I have built a very small C program that accepts arguments from the command line to experience with buffer overflows. I am trying to overwrite the stack's function return value with a specific hexadecimal value. Instead of looking through the ASCII chart, I know I can use python to translate hex values to ASCII for me.

I've only found documentation for Linux that havn't worked for me on Windows.

Run function from the command line

Input Hex into argv[1]

./myProgram $(python -c "print '\x48\x65\x6c\x6c\x6f'") (from above links)

What I have tried :

myprogram.exe ($python -c print('\xe9\x14\x40\x00'))

myprogram.exe $python -c print('\xe9\x14\x40\x00')

myprogram.exe python -c "print('\xe9\x14\x40\x00')"

Result should be:

myprogram.exe [argv1]

use python's print function to input value into argv1

myprogram.exe é[]@

[] is not a printable character. It's hex 14 in the ASCII table

Community
  • 1
  • 1
Nathan Hunt
  • 1
  • Try this https://superuser.com/questions/289344/is-there-something-like-command-substitution-in-windows-cli – clubby789 Oct 12 '19 at 23:37
  • @JL2210 Yes, that's exactly what my question is. However, just like the author of the post mentionned, even if you do have Pearl/Python packages installed, in a windows CMD prompt, if you do >myprogram.exe [python script here]: the script isn't evaluated. It takes it directly as arguments for the myprogram executable. I've read the documentation about the Python C switch which is exactly what I need but I have no clue about how to feed the output as an argument to an executable from the command line – Nathan Hunt Oct 12 '19 at 23:40
  • 1
    @NathanHunt Better duplicates: https://stackoverflow.com/questions/2768608/batch-equivalent-of-bash-backticks and http://stackoverflow.com/questions/108439/how-do-i-get-the-result-of-a-command-in-a-variable-in-windows – S.S. Anne Oct 12 '19 at 23:44

0 Answers0