这段使用 netcat 和管道创建 shell 的 bash 代码到底发生了什么?
mkfifo /tmp/f ; cat /tmp/f | /bin/bash -i 2>&1 | nc -l -p 1234 > /tmp/f
我是 bash 新手,我试图理解这段“代码”。
- 为什么不需要 while 循环?这怎么行?它本身是一个循环吗?为什么?如何? 另外, cat filePipe 本身只打印一行,然后退出(我刚刚测试过),为了使 cat 不退出,我这样做:
while cat pipelineFile ;做 : ;完成。那么上面的内容是如何工作的呢? - 我不明白执行的顺序...开始时 /tmp/f 是空的,所以 cat /tmp/f 应该“发送”一个空流到 /bin/bash ,它只是将其发送到打开连接的 nc并将交互式 bash“发送”给连接的任何人...并且客户端的响应被发送到 /tmp/f ...然后呢?什么?它怎么能回去再做同样的事情呢?
mkfifo /tmp/f ; cat /tmp/f | /bin/bash -i 2>&1 | nc -l -p 1234 > /tmp/f
I am new to bash, I am trying to understand this piece of "code".
- Why a while loop is not needed? How can this work? Is it itself a loop? Why? How?
Also,cat filePipeby itself ONLY PRINTS ONE LINE, and then exits (I just tested it), and to make cat not to exit I do:while cat pipeFile ; do : ; done. So how does that above work? - I don't get the order of execution... at the beginning /tmp/f is empty, so cat /tmp/f should "send" an empty stream to /bin/bash which just send it to nc which opens a connection and "sends" the interactive bash to whoever connects... and the response of the client is sent to /tmp/f ... and then? What? How can it can go back and do the same things again?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
当 bash 解析行 mkfifo /tmp/f 时;猫 /tmp/f | /bin/bash -i 2>&1 | nc -l -p 1234 > /tmp/f,发生了几件事。首先,创建 fifo。然后,不按特定顺序,发生 3 件事:
cat启动,bash启动,nc启动,其输出流连接到 <代码>/tmp/f。cat现在将阻塞,直到其他进程打开/tmp/f进行写入;nc即将执行此操作(或已经执行了,但我们不知道cat是否会在nc之前启动,或者是否cat会在nc之前启动>nc 在cat之前开始,我们也不知道他们会以什么顺序打开 fifo,但无论谁先打开,都会阻塞,直到另一个完成操作)。一旦所有 3 个进程启动,它们就会坐在那里等待一些数据。最终,一些外部进程连接到端口 1234 并将一些数据发送到 nc,然后写入到 /tmp/f。cat(最终)读取该数据并将其发送到下游的bash,后者处理输入并(可能)将一些数据写入nc,其中通过套接字连接将其发送回。如果您有一个测试用例,其中
cat /tmp/f仅写入一行数据,那是因为您使用的任何进程仅写入/tmp/f写了一行。尝试: printf 'foo\nbar\nbaz\n' > /tmp/f & cat /tmp/f 或while sleep 1;约会;完成> /tmp/f &猫/tmp/fWhen
bashparses the linemkfifo /tmp/f ; cat /tmp/f | /bin/bash -i 2>&1 | nc -l -p 1234 > /tmp/f, several things happen. First, the fifo is created. Then, in no particular order, 3 things happen:catis started,bashis started andncis started with its output stream connected to/tmp/f.catis now going to block until some other process opens/tmp/ffor writing; thencis about to do that (or already did it, but we don't know ifcatwill start beforencor ifncstarts beforecat, nor do we know in which order they will open the fifo, but whoever does it first will block until the other completes the operation). Once all 3 processes start, they will just sit there waiting for some data. Eventually, some external process connects to port 1234 and sends some data intonc, which writes into/tmp/f.cat(eventually) reads that data and sends it downstream tobash, which processes the input and (probably) writes some data intonc, which sends it back across the socket connection.If you have a test case in which
cat /tmp/fonly writes one line of data, that is simply because whatever process you used to write into/tmp/fonly wrote a single line. Try:printf 'foo\nbar\nbaz\n' > /tmp/f & cat /tmp/forwhile sleep 1; do date; done > /tmp/f & cat /tmp/f/tmp/f 不是空的,而是一个 fifo,一个双向链接。
有人连接到端口 1234,输入一些内容,
nc将转发到fifo,然后将其输入到bash。bash运行命令并将结果发送回nc。/tmp/f is NOT empty, but a fifo, a bi-directional link.
Someone connects to port 1234, type something, which
ncwill forward tofifowhich then feeds intobash.bashruns the command and sends results back tonc..1 你误解了当你
echo "string" >/path/fifo时会发生什么。a) 当你只是
echo some >/path/to/somewhere时,你fd).b) fifo( 第一个In是第一个第一个Out。)不是文件。
试试这个:
您将看到
cat未终止。现在,cat 将关闭
所以不需要任何循环!
.2 命令
cat /tmp/f | /bin/bash -i 2>&1 | nc -l -p 1234 > /tmp/f可以写成(避免无用地使用
cat):但你也可以同样 操作,但来自 vue 的不同点:
目标是
nc的 驱动 bash 的 STDIN em>STDOUT 和nc的 STDIN。.3 更多:bashism
在 bash 下,您可以通过使用未命名的fifo来避免创建fifo:
或者
.1 You misunderstand what happen when you
echo "string" >/path/fifo.a) When you just
echo something >/path/to/somewhere, youfd).b) A fifo (The First In is the First Out.) is not a file.
Try this:
You will see
catnot terminating.Now, cat will close
So there is no need of any loop!
.2 command
cat /tmp/f | /bin/bash -i 2>&1 | nc -l -p 1234 > /tmp/fcould be written (avoid useless use of
cat):but you could do same operation but from different point of vue:
The goal is
nc's STDOUT andnc's STDIN..3 The more: bashism
Under bash, you could avoid creating fifo by using unnamed fifo:
or