ctil / zargparse

A tool for generating zsh completion files for python command line tools that use argparse
MIT License

Completions are incorrect for `pwn` command-line tools #5

Open zachriggle opened 4 years ago

zachriggle commented 4 years ago

The completions generated for Pwntools' pwn command are incorrect:

~ ❯❯❯ pwn --help
usage: pwn [-h]
           {asm,checksec,constgrep,cyclic,debug,disasm,disablenx,elfdiff,elfpatch,errno,hex,phd,pwnstrip,scramble,shellcraft,template,unhex,update}
           ...

Pwntools Command-line Interface

positional arguments:
  {asm,checksec,constgrep,cyclic,debug,disasm,disablenx,elfdiff,elfpatch,errno,hex,phd,pwnstrip,scramble,shellcraft,template,unhex,update}
    asm                 Assemble shellcode into bytes
    checksec            Check binary security settings
    constgrep           Looking up constants from header files. Example:
                        constgrep -c freebsd -m ^PROT_ '3 + 4'
    cyclic              Cyclic pattern creator/finder
    debug               Debug a binary in GDB
...

Compare to the completion generated:

~ ❯❯❯ pwn checksec
 -- command --
checksec    asm  -- Assemble shellcode into bytes
constgrep        -- Check binary security settings
cyclic           -- Looking up constants from header files.\n\nExample: constgrep -c freebsd -m  ^PROT_ 3
debug            -- Cyclic pattern creator/finder
disablenx        -- Disassemble bytes into text format
disasm           -- Debug a binary in GDB
elfdiff          -- Disable NX for an ELF binary
elfpatch         -- Compare two ELF files
errno            -- Patch an ELF file
hex              -- Prints out error messages
phd              -- \nHex-encodes data provided on the command line or stdin\n
pwnstrip         -- Pwnlib HexDump

It looks like there are some issues with newline processing.

ctil commented 4 years ago

Thanks for reporting! I'll take a look.

ctil commented 4 years ago

I pushed changes in ba719e3a359fcae5e68034470c3080ed484eeaf1 that'll hopefully fix this, but let me know if not. I wasn't able to reproduce the same error on my machine (macOS with the built-in terminal and oh-my-zsh installed), but did find some issues that could potentially be causing this.

  1. The help text for constgrep has a single quote in it that was added to the generated completion file and prematurely closed a string. This was causing issues in my shell where it thought "+" and "4" from the constgrep command were individual commands.
  2. Some of the help text has leading and trailing whitespace. I'll strip that whitespace since it shouldn't be rendered during autocompletion.

Here's what my completion looked like:

asm         -- Assemble shellcode into bytes
checksec    -- Check binary security settings
constgrep   -- Looking up constants from header files.

Example: constgrep -c freebsd -m  ^PROT_ 3
cyclic      -- Cyclic pattern creator/finder
debug       -- Debug a binary in GDB
disablenx   -- Disable NX for an ELF binary
disasm      -- Disassemble bytes into text format
elfdiff     -- Compare two ELF files
elfpatch    -- Patch an ELF file
errno       -- Prints out error messages
hex         -- 
Hex-encodes data provided on the command line or stdin

phd         -- Pwnlib HexDump
pwnstrip    -- Strip binaries for CTF usage
scramble    -- Shellcode encoder
shellcraft  -- Microwave shellcode -- Easy, fast and delicious
template    -- Generate an exploit template
unhex       -- 
Decodes hex-encoded data provided on the command line or via stdin.

update      -- Check for pwntools updates
+  4
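
An added example, not part of the thread and not zargparse's own code: one way to turn argparse subcommand help into zsh `_describe` entries so that a single quote in the help text cannot close the generated string and stray whitespace is dropped. The function names are hypothetical, and the code relies on argparse's private `_actions`, `_SubParsersAction` and `_choices_actions` attributes.

```python
import argparse
import re


def zsh_single_quote(text):
    # Inside zsh single quotes nothing is special except ' itself, which is
    # written by closing the quote, adding an escaped quote, and reopening.
    return "'" + text.replace("'", "'\\''") + "'"


def clean_help(text):
    # Collapse newlines and whitespace runs so the description stays on one line.
    return re.sub(r"\s+", " ", text or "").strip()


def describe_entries(parser):
    """Build quoted 'name:description' words for a zsh _describe array."""
    entries = []
    for action in parser._actions:  # private argparse attribute
        if not isinstance(action, argparse._SubParsersAction):
            continue
        # _choices_actions keeps each subcommand name next to its own help text,
        # but only lists subcommands that were registered with help=...
        for choice in action._choices_actions:
            name = choice.dest.replace("\\", "\\\\").replace(":", "\\:")
            entries.append(zsh_single_quote(name + ":" + clean_help(choice.help)))
    return entries


def build_sample_parser():
    # Constructed sample: three subcommands with help strings quoted in the thread.
    parser = argparse.ArgumentParser(prog="pwn")
    sub = parser.add_subparsers(dest="command")
    sub.add_parser("asm", help="Assemble shellcode into bytes")
    sub.add_parser("constgrep", help="Looking up constants from header files.\n\n"
                   "Example: constgrep -c freebsd -m ^PROT_ '3 + 4'")
    sub.add_parser("hex", help="\nHex-encodes data provided on the command line or stdin\n")
    return parser


if __name__ == "__main__":
    print("local -a commands\ncommands=(")
    for entry in describe_entries(build_sample_parser()):
        print("  " + entry)
    print(")\n_describe 'command' commands")
```
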
zachriggle commented 4 years ago

There are a few tools I've been looking at recently to automatically generate completions for the pwn command.

https://kislyuk.github.io/argcomplete/
https://pypi.org/project/genzshcomp/

I've filed an issue with genzshcomp since it only seems to work with individual commands and not the central pwn entry point.

ctil commented 4 years ago

I see. I think I looked into both of those tools before writing this one and they didn't quite do what I was looking for. Did my change fix the issue you reported? If so, I'm going to close out this issue.

zachriggle commented 4 years ago

I updated (ba719e3) and regenerated this via ./zargparse.py ~/github.com/pwntools/pwnlib/commandline/asm.py and still get similar behavior.

~ ❯❯❯ pwn checksec
 -- command --
checksec    asm  -- Assemble shellcode into bytes
constgrep        -- Check binary security settings
cyclic           -- Looking up constants from header files.\n\nExample: constgrep -c freebsd -m  ^PROT_ "3 + 4"
debug            -- Cyclic pattern creator/finder
disablenx        -- Disassemble bytes into text format
disasm           -- Debug a binary in GDB
elfdiff          -- Disable NX for an ELF binary
elfpatch         -- Compare two ELF files
errno            -- Patch an ELF file
hex              -- Prints out error messages
phd              -- Hex-encodes data provided on the command line or stdin
pwnstrip         -- Pwnlib HexDump
scramble         -- Strip binaries for CTF usage
shellcraft       -- Shellcode encoder
template         -- Microwave shellcode -- Easy, fast and delicious
unhex            -- Generate an exploit template
update           -- Decodes hex-encoded data provided on the command line or via stdin.