That example is more of an example of unsanitized input and improper error checking. While it is a common problem with shell, I don't see how it relates to the claim made earlier. Is there a better example that doesn't rely on the user providing unchecked input? Maybe that example would make it clear to me.

Warren Turkal
Linux Enthusiast and Libre Software Advocate

On Jul 19, 2009 7:09 AM, "Alina Friedrichsen" <x-al...@gmx.net> wrote:

> Hi!
>
> > Could you quote an example or deliver an exploit?
>
> An example for the BASH:
>
> if [ -z "$do_login" -o "$user" != 'foo' -o "$password" != 'bar' ]; then
>     echo login faild
> else
>     echo login success
> fi
>
> Normal:
> http://[...]/[...]?do_login=1&user=foo&password=unknown
>
> Output:
> login faild
>
> Exploit:
> http://[...]/[...]?do_login==&user=foo&password=unknown
>
> Output:
> bash: [: too many arguments
> login success
>
> Regards
> Alina

_______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
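
Added example, not part of the thread and not code from either poster: the quoted check next to a fail-closed rewrite, run on the two requests from the quoted message plus a constructed valid login. The function names are hypothetical, positional arguments stand in for the CGI parameters, and the `too many arguments` error is bash's behaviour as shown in the quoted output.

```shell
#!/bin/sh
# Added example (not from the original thread). Function names are hypothetical;
# $1, $2, $3 stand in for the CGI parameters do_login, user and password.

# The quoted check: a single [ joined with -o, with success in the else branch.
# Any non-zero status from [ (a syntax error returns 2) lands on "login success".
check_login_quoted() {
    if [ -z "$1" -o "$2" != 'foo' -o "$3" != 'bar' ]; then
        echo "login faild"
    else
        echo "login success"
    fi
}

# Fail-closed rewrite: success is the "then" branch, so an error in any test
# denies the login. Each [ has at most three arguments, a form POSIX defines
# whatever the operands contain, so a value such as "=" is compared as a string.
check_login_fail_closed() {
    if [ -n "$1" ] && [ "$2" = 'foo' ] && [ "$3" = 'bar' ]; then
        echo "login success"
    else
        echo "login failed"
    fi
}

# Constructed inputs: the two requests from the thread, then a valid login.
# Word splitting of $params is intentional here.
for params in '1 foo unknown' '= foo unknown' '1 foo bar'; do
    set -- $params
    printf '%-14s quoted: %-14s fail-closed: %s\n' "$params" \
        "$(check_login_quoted "$@" 2>/dev/null)" \
        "$(check_login_fail_closed "$@")"
done
```
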