
socat / xinetd

cheesechoi 2015. 5. 6. 11:30

Source: alexpark's GitHub (https://github.com/alexpark07/KISS/blob/master/seeteef/execute_ctf_binary.md)


local test

alex@ubuntu:~/hack/CTF_Code/shellcode$ shellcraft cat ./flag -f r | ./demo -
Read 57 bytes of shell code. Here goes.
~~~ Running shellcode ~~~
The flag is: 54f6ea7093d2582f6b32ed396c048c8a
Segmentation fault

remote test

alex@ubuntu:~/hack/CTF_Code/shellcode$ cat run.sh

#!/bin/sh
socat TCP-LISTEN:31337,reuseaddr,fork EXEC:"$1"

Run

./run.sh "./demo -"

Attack

shellcraft cat ./flag -f r | nc localhost 31337

Result:
alex@ubuntu:~$ shellcraft cat ./flag -f r | nc localhost 31337
The flag is: 54f6ea7093d2582f6b32ed396c048c8a






Using it with strace


socat TCP-LISTEN:31337,reuseaddr,fork EXEC:"strace -f $1"





It can also be used together with xinetd.


# /etc/xinetd.d/sb
service sb
{
    socket_type = stream
    protocol    = tcp
    user        = root
    wait        = no
    server      = /root/pwntw/sb/silver_bullet
    port        = 10101
}


# vi /etc/services

sb 10101/tcp # add as the last line.
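
The xinetd definition above runs the target binary as root and, with no bind or only_from attribute, listens on every interface. As an added example (not from the original post or from alexpark's notes), this Python check parses xinetd service blocks and flags those settings; the `ctf` account, the `/home/ctf` path and the limit values in the hardened variant are assumptions.

```python
import re

# The service block from the page, reproduced as sample input.
PAGE_CONFIG = """service sb
{
    socket_type = stream
    protocol    = tcp
    user        = root
    wait        = no
    server      = /root/pwntw/sb/silver_bullet
    port        = 10101
}"""

# Constructed variant: the "ctf" account, its path and the limits are assumptions.
HARDENED_CONFIG = """service sb
{
    socket_type = stream
    protocol    = tcp
    user        = ctf
    wait        = no
    server      = /home/ctf/silver_bullet
    port        = 10101
    bind        = 127.0.0.1
    per_source  = 2
    instances   = 20
}"""

def parse_services(text):
    """Return {service_name: {attribute: value}} for each service block."""
    services = {}
    for name, body in re.findall(r"service\s+(\S+)\s*\{([^}]*)\}", text):
        attrs = {}
        for line in body.splitlines():
            line = line.split("#", 1)[0].strip()      # drop trailing comments
            if "=" in line:
                key, value = line.split("=", 1)
                attrs[key.strip(" +-")] = value.strip()  # also accepts += and -=
        services[name] = attrs
    return services

def audit(attrs):
    """List risky settings for a service that hosts an exploitable binary."""
    findings = []
    if attrs.get("user", "root") == "root":           # xinetd's own uid when unset
        findings.append("user: server runs as root; use an unprivileged account")
    if not {"bind", "interface", "only_from"} & attrs.keys():
        findings.append("exposure: all interfaces, no source restriction")
    if not {"per_source", "instances"} & attrs.keys():
        findings.append("limits: no cap on concurrent connections")
    return findings
```

Calling `audit(parse_services(PAGE_CONFIG)["sb"])` returns all three findings for the page's definition, and the hardened variant returns none.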