Re: shell script cgi
From: Brian Hatch <vuln-dev(at)ifokr.org>
Date: Thu Nov 14 2002 - 18:15:54 EST

> I have found the line below in an sh cgi program, and

Anyone else remembering the 'nph-finger' days of yore? It had

    echo QUERY_STRING = $QUERY_STRING

you could pass things like '*' to abuse shell filename expansion, and that'd be the best you're going to get out of that code. I don't think you can get it to execute arbitrary commands, no matter what you try.

--
Brian Hatch
Systems and Security Engineer
http://www.ifokr.org/bri/
Behavioral Psychology: Pulling habits out of rats

Every message PGP signed
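An added example, not part of the original message: the unquoted echo line from the post next to a quoted form, run in a scratch directory so the filename expansion is visible. The function names, file names and sample values are constructed for illustration.

```shell
#!/bin/sh
# Added example: unquoted vs. quoted expansion of a CGI variable.
# The directory and file names below are constructed sample data.

# The pattern from the post: the expansion is unquoted, so its result
# undergoes word splitting and filename expansion (globbing).
render_unquoted() {
    QUERY_STRING=$1
    echo QUERY_STRING = $QUERY_STRING
}

# Hardened form: quoting the expansion suppresses splitting and globbing;
# printf avoids echo's implementation-specific option/backslash handling.
render_quoted() {
    QUERY_STRING=$1
    printf '%s\n' "QUERY_STRING = $QUERY_STRING"
}

# Run one renderer inside a scratch directory holding two constructed files,
# then count the files to show whether the value caused anything to run.
demo() {
    renderer=$1
    value=$2
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" || exit 1
        : > config.inc
        : > users.db
        "$renderer" "$value"
        set -- *
        echo "files after: $#"
    )
    rm -rf "$dir"
}

demo render_unquoted '*'    # directory listing leaks into the response
demo render_quoted '*'      # the literal * is printed
# The result of a parameter expansion is not re-parsed for command
# substitution, so this value is printed as text and no file is created.
demo render_unquoted '$(touch marker) `touch marker`'
```

The first call prints the scratch directory's file names in place of `*`; the other two print the value as text and leave the file count at 2.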
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:37 EDT