我知道"start"不正确,但我想你明白我想做什么……我知道有一个叫做"bytes"的函数,但我不知道如何正确使用它。例如,我有一个字节数组
'x54x68x69x73x20x70x72x6Fx67x72x61x6Dx20x6Dx75x73x74x20x62x65'
我如何阅读并使用python脚本启动它?我应该使用什么函数,应该导入什么?谢谢你的回答(顺便说一句,我是个新手)
这就是你的想法吗?
>>> bytes('x54x68x69x73x20x70x72x6Fx67x72x61x6Dx20x6Dx75x73x74x20x62x65')
'This program must be'
>>>
如果你想在脚本中使用它:
#!/usr/local/bin/python
# You can encode the python instructions on this webpage:
# http://www.string-functions.com/string-hex.aspx
#
#
# The following hex string encodes this:
# for i in xrage(0,10):
# print i
thestring = "x66x6fx72x20x69x20x69x6ex20x78x72x61x6ex67x65x28x30x2cx31x30x29x3ax0dx0ax20x20x20x20x70x72x69x6ex74x20x69"
# Demonstration of possible code injection
# in the function:
thehack = "import os;os.system('echo foobar')"
def hex2string(myhexstring):
"""be carefull with this function possible codeinjection"""
myhexcmd = bytes("%s" % myhexstring)
exec myhexcmd
hex2string(thestring)
亲切问候,
Dirk