尝试在环境变量中执行值时出现分段错误 [英] Segmentation fault on trying to execute value at environment variable

问题描述

嘿，所以我试图解决初学者 ctf 事件的问题.

Hey so I was trying to solve a problem for beginners ctf event.

这是我试图运行的代码.

And this is the code that I am trying to run.

#include <stdio.h>
#include <stdlib.h>

int main(){
            int (*func)();
            func = getenv("MYENV");
            func();
            return 0;
}

我创建了一个这样的 MYENV 环境:

I created a MYENV environment like this :

导出 MYENV=ls

但是在运行代码时，它会抛出一个分段错误(核心转储).我不明白为什么.

but on running the code, it throws a segmentation fault (core dumped). I don't understand why.

func 函数基本上是调用环境变量，其值是我设置的一个简单命令.为什么会抛出错误.

The func function is basically calling the environment variable whose value is a simple command that I set. Why is it throwing an error.

我对 linux 和 shell 很陌生，所以如果这太天真了，我很抱歉.

I'm very new at linux and shell, so I'm sorry if this is too naive.

推荐答案

在 C 中，如果要运行系统命令，则必须使用 system 函数(或 exec 函数，但这更复杂):

In C, if you want to run a system command, you have to use the system function (or one of the exec functions but that's more complicated):

#include <stdio.h>
#include <stdlib.h>

int main() {
    char* cmd = getenv("MYENV");
    system(cmd);
    return 0;
}

如果你想运行任意代码，你可以向其中注入 shell 代码:

If you're looking to run arbitrary code, you can inject shell code into it:

export MYENV=$'\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80'

您可以在此处了解更多信息.

You can learn more here.

这篇关于尝试在环境变量中执行值时出现分段错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！