sys_execve
产生“ myecho”
我想将“ myecho”的标准输出捕获到文件“ messages.txt”以进行进一步处理。
我不知道如何告诉产卵的“ myecho”将其输出重定向到文件。
myprog program
[.data]
Par1 DB "Param1",0
Par2 DB "Param2",0
Par3 DB ">messages.txt",0
Env1 DB 0 ; Not used.
Command DB "/path/to/myecho",0
Parameters DD Par1,Par2,Par3,0
Environment DD Env1
[.text]
; Execute "myecho" from "myprog":
MOV EAX,11 ; Kernel # of "execve" in 32bit Linux.
MOV EBX,Command ;
MOV ECX,Parameters ;
MOV EDX,Environment ;
INT 0x80
我期望执行行是类似
/path/to/myecho Param1 Param2 >messages.txt
但似乎不是那样工作的。
“> Message.txt”被视为逐字化的第三个参数。
我试图用>
^逃脱重定向操作员Esc
Par3 DB "^>messages.txt",0
Par3 DB 27,">messages.txt",0
但没有成功。
也许我需要用fork产生“ myecho” 而不是execve
并使用Tee
来管输出输出,但我不知道如何将“ myecho”的输出连接到“ TEE”的文件描述符。 如何运行“ myecho”内部“ myprog”,将其输出捕获到文件中,然后在“ myprog”中处理此输出? yes,我一直在寻找dup2
将标准输出重定向到文件句柄,正如fuz所评论的那样。 我使用了Jester
提出的程序,现在可以正常工作。 谢谢你们,先生们!myprog program
[.data]
Par1 DB "Param1",0
Par2 DB "Param2",0
Env1 DB 0 ; Not used.
Command DB "/path/to/myecho",0
Parameters DD Command,Par1,Par2,0
Environment DD Env1
Messages DB "messages.txt",0
FdMessages DD 0 ; File descriptor of "messages.txt".
[.text]
LinAPI open, Messages, O_RDWR+O_CREAT, 777q
MOV [FdMessages],EAX ; File descriptor of the text file (empty so far).
LinAPI fork ; Divide the current process into two: child and parent.
CMP EAX,0
JNZ Parent:
; I am in the child process which will be transformed to "myecho" soon.
LinAPI dup2,[FdMessages],1 ; Replace child's stdandard output with FdMessages.
LinAPI execve, Command, Parameters, Environment ; Child becomes "myecho".
Parent: ; Continue with parent process "myprog".
LinAPI waitpid, -1, 0, 0 ; Wait until the child terminates.
LinAPI close, [FdMessages]
; The file "messages.txt" is written now and it can be analyzed.