string<->hexstring互转
#!/bin/bash
if [ $1 == 'enc' ]
then
# 要转换的字符串
input_str=$2
# 将字符串转换为十六进制字符
hex_str=$(echo "$input_str" | xxd -p |tr -d '\n')
# 输出转换后的十六进制字符
echo "$hex_str"
elif [ $1 == 'dec' ]
then
# 解密并执行命令
echo -ne $2 | xxd -r -ps
else
echo "Usage ./2hexstr.sh enc/dec string"
fi
批量检测pi是否存活
#!/bin/bash
for a in $(seq $1 $2) # team id
do
for i in $(seq 11 11) # problem number
do
ping -c 3 172.36.$a.$i | grep ttl > /dev/null 2>&1
if [ $? != 0 ]
then
echo -e "\033[0;31m172.36.$a.$i is DOWN\033[m"
# echo "\033[0;31m172.35.$a.$i is DOWN\033[m"
else
echo -e "\033[0;32m172.36.$a.$i is UP\033[m"
# echo "\033[0;31m172.35.$a.$i is DOWN\033[m"
fi
done
done
shell脚本批量跑checker(非并发)
#!/bin/bash
for a in $(seq 61 64) # problem number
do
for i in $(seq 11 30) # team id
do
if [[ $1 == '' ]]
then
echo "Usage: ./checker.sh 61"
exit
elif [ $1 == "61" ] && [ $a -eq 61 ]
then
echo -e "\033[0;32m172.35.$a.$i\033[m" → "python3 checker-babyphp.py" 172.35.$a.$i
python3 checker-babyphp.py 172.35.$a.$i
elif [ $1 == "62" ] && [ $a -eq 62 ]
then
echo -e "\033[0;32m172.35.$a.$i\033[m" → "python3 checker-bjcms.py" 172.35.$a.$i
python3 checker-bjcms.py 172.35.$a.$i
elif [ $1 == "63" ] && [ $a -eq 63 ]
then
echo -e "\033[0;32m172.35.$a.$i\033[m" → "python3 checker-ezcard.py" 172.35.$a.$i
python3 checker-ezcard.py 172.35.$a.$i
elif [ $1 == "64" ] && [ $a -eq 64 ]
then
echo -e "\033[0;32m172.35.$a.$i\033[m" → "python3 checker-phpok.py" 172.35.$a.$i
python3 checker-phpok.py 172.35.$a.$i
# else
# echo "error ip!"
fi
done
done
change/download glibc
#!/bin/bash
usage_dowload() {
echo >&2 "Usage: $0 id"
exit 2
}
usage_extract() {
echo -e >&2 "Usage: $0 deb output"
exit 2
}
die() {
echo >&2 $1
exit 1
}
get_arch() {
local x86="X86-64"
local x32="80386"
local data=$(readelf -h $1)
if [[ $data =~ $x86 ]];then
arch='amd64'
elif [[ $data =~ $x32 ]];then
arch='i386'
else
echo "no"
exit 1
fi
}
get_ver() {
buf=$(strings $libcname |grep "GNU C Library" |awk '{print $6}')
libcversion=${buf%*)}
buf=$(strings $libcname |grep "GNU C Library" |awk '{print $6}')
version=${buf%-*}
}
extract() {
if [[ $# -ne 2 ]]; then
usage_extract
fi
local deb=`readlink -f $1`
local out=$2
if [ ! -d "$out" ]; then
mkdir $out
fi
local tmp=`mktemp -d`
cd $tmp
ar xv $deb || die "ar failed"
if [ -f "data.tar.zst" ];then
tar -I zstd -xf data.tar.* || die "tar failed"
else
tar xf data.tar.* || die "tar failed"
fi
cd -
cp -rP $tmp/lib/*/* $out 2>/dev/null \
|| cp -rP $tmp/lib32/* $out 2>/dev/null \
|| cp -rP $tmp/usr/lib/debug/lib/*/* $out 2>/dev/null \
|| cp -rP $tmp/usr/lib/debug/lib32/* $out 2>/dev/null \
|| cp -rP $tmp/usr/lib/debug/.build-id $out 2>/dev/null \
|| die "Failed to save. Check it manually $tmp"
rm -rf $tmp
}
clibc() {
FILE_NAME=$1
LIBC_VERSION=$2
LIBC_DIR=/home/yrl/glibc-all-in-one
libc_dir=$(find $LIBC_DIR -name "$LIBC_VERSION*")
if [ "$libc_dir" = "" ];then
echo "Not support version or your $LIBC_DIR don't have libc"
exit
fi
if [ "$3" ]
then
if [[ $(echo "$LIBC_VERSION >= 2.31"|bc) -eq 1 ]];then
Record $1
patchelf --set-interpreter $3/ld-linux-x86-64.so.2 --set-rpath $3/ $1
sudo rm -rf /usr/lib/debug/.build-id/
sudo cp -r $3/.debug/.build-id/ /usr/lib/debug
die "[+]success"
else
Record $1
patchelf --set-interpreter $3/ld-$LIBC_VERSION.so --set-rpath $3/ $1
die "[+]success"
fi
else
printf '%s\n' "$libc_dir"
echo -e '\033[32mPlease specify the directory \033[0m'
fi
}
chlibc() {
FILE_NAME=$1
LIBC_VERSION=$2
LIBC_DIR=/home/yrl/glibc-all-in-one
libc_dir=$(find $LIBC_DIR -name "$LIBC_VERSION*")
if [ "$libc_dir" = "" ];then
echo "Not support version or your $LIBC_DIR don't have libc"
exit
fi
if [ "$3" ]
then
if [[ $(echo "$LIBC_VERSION >= 2.31"|bc) -eq 1 ]];then
Record $1
patchelf --set-interpreter $3/ld-linux-x86-64.so.2 --replace-needed libc.so.6 $3/libc.so.6 $1
sudo rm -rf /usr/lib/debug/.build-id/
sudo cp -r $3/.debug/.build-id/ /usr/lib/debug
die "[+]success"
else
Record $1
patchelf --set-interpreter $3/ld-$LIBC_VERSION.so --replace-needed libc.so.6 $3/libc-$LIBC_VERSION.so $1
die "[+]success"
fi
else
printf '%s\n' "$libc_dir"
echo -e '\033[32mPlease specify the directory \033[0m'
fi
}
download_rpath() {
id=$libcversion'_'$arch
local LIBC_PREFIX="libc6_"
local LIBC_DBG_PREFIX="libc6-dbg_"
local deb_name=$LIBC_PREFIX$id.deb
local dbg_name=$LIBC_DBG_PREFIX$id.deb
echo "Getting $id"
if [ -d "$LIBC_DIR/libs/$id" ]; then
clibc $filename $version $LIBC_DIR/libs/$id
die "[+]success"
fi
# download binary package
url="$SOURCE/$deb_name"
echo " -> Location: $url"
echo " -> Downloading libc binary package"
sudo wget "$url" 2>/dev/null -O $LIBC_DIR/debs/$deb_name || download_old_rpath
echo " -> Extracting libc binary package"
mkdir $LIBC_DIR/libs/$id
extract $LIBC_DIR/debs/$deb_name $LIBC_DIR/libs/$id
echo " -> Package saved to $LIBC_DIR/libs/$id"
# download debug info package
url="$SOURCE/$dbg_name"
echo " -> Location: $url"
echo " -> Downloading libc debug package"
sudo wget "$url" 2>/dev/null -O $LIBC_DIR/debs/$dbg_name || download_old_rpath
echo " -> Extracting libc debug package"
mkdir $LIBC_DIR/libs/$id/.debug
extract $LIBC_DIR/debs/$dbg_name $LIBC_DIR/libs/$id/.debug
echo " -> Package saved to $LIBC_DIR/libs/$id/.debug"
clibc $filename $version $LIBC_DIR/libs/$id
die "[+]success"
}
download_old_rpath(){
id=$libcversion'_'$arch
local LIBC_PREFIX="libc6_"
local LIBC_DBG_PREFIX="libc6-dbg_"
local deb_name=$LIBC_PREFIX$id.deb
local dbg_name=$LIBC_DBG_PREFIX$id.deb
echo "Getting $id"
if [ -d "$LIBC_DIR/libs/$id" ]; then
clibc $filename $version $LIBC_DIR/libs/$id
die "[+]success"
fi
# download binary package
url="$OLD_SOURCE/$deb_name"
echo " -> Location: $url"
echo " -> Downloading libc binary package"
sudo wget "$url" 2>/dev/null -O $LIBC_DIR/debs/$deb_name || die "Failed to download package from $url"
echo " -> Extracting libc binary package"
mkdir $LIBC_DIR/libs/$id
extract $LIBC_DIR/debs/$deb_name $LIBC_DIR/libs/$id
echo " -> Package saved to $LIBC_DIR/$libs/$id"
# download debug info package
url="$OLD_SOURCE/$dbg_name"
echo " -> Location: $url"
echo " -> Downloading libc debug package"
sudo wget "$url" 2>/dev/null -O $LIBC_DIR/debs/$dbg_name || die "Failed to download package from $url"
echo " -> Extracting libc debug package"
mkdir $LIBC_DIR/libs/$id/.debug
extract $LIBC_DIR/debs/$dbg_name $LIBC_DIR/libs/$id/.debug
echo " -> Package saved to $LIBC_DIR/libs/$id/.debug"
clibc $filename $version $LIBC_DIR/libs/$id
die "[+]success"
}
download_need() {
id=$libcversion'_'$arch
local LIBC_PREFIX="libc6_"
local LIBC_DBG_PREFIX="libc6-dbg_"
local deb_name=$LIBC_PREFIX$id.deb
local dbg_name=$LIBC_DBG_PREFIX$id.deb
echo "Getting $id"
if [ -d "$LIBC_DIR/libs/$id" ]; then
chlibc $filename $version $LIBC_DIR/libs/$id
die "[+]success"
fi
# download binary package
url="$SOURCE/$deb_name"
echo " -> Location: $url"
echo " -> Downloading libc binary package"
sudo wget "$url" 2>/dev/null -O $LIBC_DIR/debs/$deb_name || download_old_need
echo " -> Extracting libc binary package"
mkdir $LIBC_DIR/libs/$id
extract $LIBC_DIR/debs/$deb_name $LIBC_DIR/libs/$id
echo " -> Package saved to $LIBC_DIR/libs/$id"
# download debug info package
url="$SOURCE/$dbg_name"
echo " -> Location: $url"
echo " -> Downloading libc debug package"
sudo wget "$url" 2>/dev/null -O $LIBC_DIR/debs/$dbg_name || download_old_need
echo " -> Extracting libc debug package"
mkdir $LIBC_DIR/libs/$id/.debug
extract $LIBC_DIR/debs/$dbg_name $LIBC_DIR/libs/$id/.debug
echo " -> Package saved to $LIBC_DIR/libs/$id/.debug"
chlibc $filename $version $LIBC_DIR/libs/$id
die "[+]success"
}
download_old_need(){
id=$libcversion'_'$arch
local LIBC_PREFIX="libc6_"
local LIBC_DBG_PREFIX="libc6-dbg_"
local deb_name=$LIBC_PREFIX$id.deb
local dbg_name=$LIBC_DBG_PREFIX$id.deb
echo "Getting $id"
if [ -d "$LIBC_DIR/libs/$id" ]; then
chlibc $filename $version $LIBC_DIR/libs/$id
die "[+]success"
fi
# download binary package
url="$OLD_SOURCE/$deb_name"
echo " -> Location: $url"
echo " -> Downloading libc binary package"
sudo wget "$url" 2>/dev/null -O $LIBC_DIR/debs/$deb_name || die "Failed to download package from $url"
echo " -> Extracting libc binary package"
mkdir $LIBC_DIR/libs/$id
extract $LIBC_DIR/debs/$deb_name $LIBC_DIR/libs/$id
echo " -> Package saved to $LIBC_DIR/libs/$id"
# download debug info package
url="$OLD_SOURCE/$dbg_name"
echo " -> Location: $url"
echo " -> Downloading libc debug package"
sudo wget "$url" 2>/dev/null -O $LIBC_DIR/debs/$dbg_name || die "Failed to download package from $url"
echo " -> Extracting libc debug package"
mkdir $LIBC_DIR/libs/$id/.debug
extract $LIBC_DIR/debs/$dbg_name $LIBC_DIR/libs/$id/.debug
echo " -> Package saved to $LIBC_DIR/libs/$id/.debug"
chlibc $filename $version $LIBC_DIR/libs/$id
die "[+]success"
}
Record(){
if [ -e $1.bak ];then
cp $1.bak $1
else
cp $1 $1.bak
fi
}
while getopts 's:x:hvc:e:r:' OPT
do
case $OPT in
s)
libcname=$OPTARG
get_ver
echo -e "\033[32mLIBC_VERSION: \033[0m"$libcversion
;;
x)
if [ "$2" = "-n" ];then
filename=$3
libcname=$4
LIBC_DIR=/home/yrl/glibc-all-in-one
SOURCE="https://mirror.tuna.tsinghua.edu.cn/ubuntu/pool/main/g/glibc"
OLD_SOURCE="http://old-releases.ubuntu.com/ubuntu/pool/main/g/glibc"
get_arch "$4"
get_ver
download_need
else
filename=$2
libcname=$3
LIBC_DIR=/home/yrl/glibc-all-in-one
SOURCE="https://mirror.tuna.tsinghua.edu.cn/ubuntu/pool/main/g/glibc"
OLD_SOURCE="http://old-releases.ubuntu.com/ubuntu/pool/main/g/glibc"
get_arch "$3"
get_ver
download_rpath
fi
;;
c)
if [ "$2" = "-n" ];then
chlibc $3 $4 $5
else
clibc $2 $3 $4
fi
;;
e)
LIBC_PREFIX="libc6_"
LIBC_DBG_PREFIX="libc6-dbg_"
LIBC_DIR=/home/yrl/glibc-all-in-one/
deb=$2
fondername0=${deb#*_}
fondername=${fondername0%.*}
if [ -d /home/yrl/glibc-all-in-one/libs/$fondername ];then
echo -e "[-]already exists, do overwrite"
else
mkdir $LIBC_DIR/libs/$fondername
mkdir $LIBC_DIR/libs/$fondername/.debug
echo -e "[+]create folder finish"
fi
if [[ $2 =~ $LIBC_DBG_PREFIX ]];then
extract $2 $LIBC_DIR/libs/$fondername/.debug
sudo chmod 755 -R $LIBC_DIR/libs/$fondername/.debug
else
extract $2 $LIBC_DIR/libs/$fondername
sudo chmod 755 -R $LIBC_DIR/libs/$fondername
fi
;;
r)
if [ -e $2.bak ];then
cp $2.bak $2
echo -e "[+]restore!"
else
exit -1
fi
;;
v)
echo "xclibc v0.6"
echo "------------------------"
echo "|Update based on xclibc|"
echo "|Writen by E4L4 |"
echo "------------------------"
exit -1
;;
h)
echo "Usage: xclibc [OPTION]...[FILE]..."
echo "Change the libc environment for file running."
echo ""
echo " -s,[libcfile] see the libc file version"
echo " -x,<-n> [file] [libcfile] change the libc environment,-n:by modifying --replace-needed"
echo " -c,<-n> [file] [version] [dir] change the specified libc version environment,-n:by modifying --replace-needed"
echo " -e,[deb] extract the deb to the glibc-all-in-one"
echo " -r,[file] restore original file"
echo " -h, display this help and exit"
echo " -v, output version information and exit"
echo ""
echo "Examples:"
echo " xclibc -x pwn libc.so.6"
echo " switch the version environment of the libc.so.6"
echo " xclibc -c pwn 2.35 [Enter]"
echo " xclibc -c pwn 2.35 /home/pwn/glibc-all-in-one/libs/2.35-0ubuntu3_amd64"
echo " you can switch the libc environment where the pwn file runs to 2.35-0ubuntu3_amd64"
exit -1
;;
esac
done
使用前需要替换脚本中的libc库的目录路径,关于调试符号,脚本会替换本机的glibc调试符号,使用完毕后需手动恢复原始调试符号。
用法:
patch 某个glibc:
xclibc -x pwn libc.so.6
会自动识别libc版本,并且patch库中对应的版本,若库中没有,则会自动下载解压xclibc -c pwn 2.35 [Enter]
会列举对应大版本的所有小版本进行选择,随后xclibc -c pwn 2.35 /home/pwn/glibc-all-in-one/libs/2.35-0ubuntu3_amd64
进行切换libc