If a C program was used to send a combination of Find/Sed instructions to system, where would a system admin best find evidence of this happening, and is it possible to find the exact arguments passed to these programs? Just to say that I am mentioning that it is a C program doing this to exclude the bash history. Would really appreciate someone to give me a list of places to look. Thank you.
pseudo code:
Way in which Find/Sed invoked:
Command= find .... exec Sed.....
sprintf(command,....
system(command);
That would depend entirely on how the C program invoked find/sed, and whether or not it redirected the I/O. There may not be any record of the process having been run unless some kind of process accounting is enabled.
Either use absolute paths or use the function getcwd to get the current working directory and work it out from there where the files will be stored from the redirection.
Related
I am trying to call a do file which has loops from a program in other do file. I am getting an error.
Now, if I use do instead of include, it runs fine but I don't get to use local macros created. I used include so I can use the macros further in the program. I don't want to use global.
First do file (test.do).
forval i = 1/5 {
local val`i' = `i'
}
Second do file(call-test.do)
capture program drop test
program test
include "test.do"
di `val1'
end
test
I got error r(9611);
I using version 16.1
Response from Stata support
The -include- is designed to let you share definitions. It will not
work correctly within a program as documented in -help include-
The short answer is that -include- is usually ok to use in programs,
but not with looping commands, and if you use -include- in a program,
it probably isn't working the way you think it is.
Here's the long version of exactly what is going on:
When you use -include- in a program, your program literally includes
the -include- command in it. The program does NOT have the contents
of the include file substituted in place. That's the start of the
problem for looping commands.
In any case, when a program executes the -include- command, Stata gets
confused about whether to define a loop program on the behalf of a
looping command globally or within the program, and things go downhill
from there. Given how the code is structured, it is unlikely we could
fix -include- to behave differently, so our documentation really
should simply recommend against using -include- in programs. In
addition, at the point at which the failure occurs, Stata simply knows
that it cannot call a program that it thinks should already be in
memory, hence the 9611 return code. It has no idea at that point that
this was because it was called with -include-, unfortunately.
We could in the future introduce a true C-like "#include" for use in
programs which would simply substitute in-line the lines from whatever
was included into your program
To be more concrete, I have a C executable and I want to know in my bash script the execution time of a function from that C. I also want to know if I can find out what is the value of a certain variable from that file .
PS: I don't want to output on the console the things I need from the C file and then to read that output in the script
Short answer is no.
Longer answer is no, but have a look at profilers to measure the execution time of a program (e.g. gprof) and debuggers to inspect value of variables during runtime (e.g. gdb).
I want to start a program using a batch-file. When I start the program manually (just double-clicking the exe-file) I have to select two file paths manually. I want to make a bat-script which starts the program and passes these two paths as arguments, so that the paths are already set when the program starts. The problem is that I don't know what the program will accept as arguments, or what order the of the arguments should be.
Is there any way of figuring out which arguments an exe-file can take?
If the exe doesn't provide a help output using ? or h as parameter and there is no doc, there is no easy way. Depending on the language the program is written in and whether you are allowed to decompile it or not, you might use tools like Reflector to decompile it and check which arguments are possible. This might help you: How do I decompile a .NET EXE into readable C# source code?
However, most software licenses prohibit decompiling even if they can't prevent it.
I need to run a program that crawls websites and I already have an algorithm and some parts of the code. Problem is, I do not know how to insert wget into my source code. Our student assistant hinted that some kind of keyword or function shall be used before the wget( system, I think or something but I'm not so sure).
when to not use system:
1.) when you want to distribute the program to different environment, where the program you call via system is not available
2.) in a security relevant environment, where you have to make sure that the program you call is really the program you want it to be
3.) when the thing you want to do can easily be accomplished in 10-20 lines of C code
4.) in performance-critical applications
so, you should use system virtually never.
instead, to accomplish the same thing, you could use libcurl, as David suggested (his answer seems to be gone...), or do some socket programming (it's C, after all).
In a real-world scenario, I'd probably just default to writing the crawler in a different language. web requests and complex string processing are not necessarily the strong sides of C, and most definitely not very convenient to use :)
You can use the system() command.
In your case (possibly):
system("/bin/wget");
But if you want really call wget with parameters, so you should use execl().
execl("/bin/wget", "http://anyadress.com/file");
Whenever , you want to run shell commands from your C program , you use system("shell command").In your case
system("wget");
Note - wget is an executable , whose location is added to the path variable, so there is no need to specify the path explicitly.
-- Example --
#include <stdio.h>
#define BUFFLEN 2500
int main()
{
char web_address[BUFFLEN] = "www.google.com";
system("wget 'web_address' ");
return 0;
}
The system command is used to execute a shell command. man system
I am trying to write a program that allows a binary to be run, substituting a certain file when requested with another. It is a library with simple replacements for the system call functions, that is used with LD_PRELOAD. The problem is that it catches opens for reading (the substitute file is read instead), but writes always go back to the actual, specified file. Are there any other "open" system calls I should know about?
Nevermind -- stupid mistake.
Wasn't checking both absolute and relative paths...
I am not sure what the cause of your problem is, but using strace on your program might give some insight. It should be part of any sane Linux distribution.
If it's open for writing, it's most likely going through the creat function (I'm guessing fopen would be redirecting you there). Check your fcntl.h for a complete list.
substituting a certain file when requested with another
Sounds like you check only for the input file (do you check by filename?). You need to check and substitute the output file, too.
If you output goes to one of the standard outputs, then you need to close and reopen them with your output substitute) before you fork into the executable.
To find all system calls that your executable makes you can use strace.
To find all library calls that your executable makes you can use ltrace.