RSS
 

Posts Tagged ‘bash’

Hackvent 2019: Day 10

11 Dec 2019
CTF: Hackvent 2019
Link to challenge: https://academy.hacking-lab.com
Date Completed: 11 December 2019

 

Challenge

HV19.10 Guess what

Resources: HV19.10-guess3.zip

Solution

We are provided with an ELF binary so the first thing we do is run in in a Linux virtual machine.

The binary prompts us for some input and then tells us we have failed!

Example with input of test:

We look at the strings in the binary for some clues:

We observe how the string  Your input  and  nooooh. try harder! don’t appear as strings.

It is reasonable to assume obfuscation is used at this point to conceal some strings.
We decide to load up the program in one shell and, while its open waiting for input, check the process status output in another shell:

The original binary essentially delegates to calling execve on /bin/bash with the above command but we abuse the fact that it is all in memory to easily fetch our flag!

Flag:  HV19{Sh3ll_0bfuscat10n_1s_fut1l3}

 

 
No Comments

Posted in Hackvent 2019

 

How to get overall CPU utilization from the bash command line (Linux)

27 Nov 2015

For a little project I worked on I needed to get the CPU utilization as a percentage.
I Google’d the issue and searched for “cpu utilization bash“.

To my surprise there were no elegant solutions. Most just failed to work (on my machine anyway) while others were very inaccurate. For example, some would show the same number over and over again. Some would change the numbers but were not related to CPU utilization at all. Others would sample the CPU utilization over 1 second which is a good idea but wouldn’t work well in my script in my particular case (as my script needed an instant result).

So I came up with the following instant and accurate solution:

This outputs a floating point number between 0.0 and 100.0.
Essentially, we look at the current output of the top using  top -n 1  and then tally up all the numbers for all processes in the CPU usage column. Then we simply divide this number by nproc  (number of processor units available) to get the overall CPU utilization. In this case python handled the floating point division for us (as bash cannot do floating point arithmetic).

Pro tip

You can use the  stress  command (http://linux.die.net/man/1/stress) to stress test your system in order to check the above solution. You should notice that the script will output a number close to 100 if you stress all processor cores.

 
No Comments

Posted in Linux