[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Bug on function.
From: |
Kelvin Tan Thiam Teck |
Subject: |
Bug on function. |
Date: |
Tue, 8 Dec 2015 09:45:29 +0800 |
hi, there's a bug on function that allow attacker to inject parameters.
./report.sh "echo ln -s /sbin/halt; mv halt ;reboot8 ; reboot" AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA
#!/bin/bash
function library {
echo ${@}
}
function Gateway {
unset param
param[7]="$8"
piaram[8]="$9"
param[9]="$10"
param[10]="$11"
param[11]="$12"
param[12]="$13"
param[13]="$14"
param[14]="$15"
param[15]="$16"
param[16]="$17"
param[17]="$18"
param[18]="$19"
#echo "After Passing Thru Function: ${param[@]}"
echo "9th: `$9`"
echo "10th: $10"
echo "11th: $11"
echo "12th: $12"
echo "13th: $13"
echo "14th: $14"
echo "15th: $15"
echo "16th: $16"
echo "17th: $17"
$18
echo "19th: $19"
echo "20th: $20"
}
echo "Before Passing Thru Function: $*"
Gateway $*
- Bug on function.,
Kelvin Tan Thiam Teck <=
- Re: Bug on function., Greg Wooledge, 2015/12/08
- Re: Bug on function., Quentin, 2015/12/08
- Re: Bug on function., Kelvin Tan Thiam Teck, 2015/12/08
- Re: Bug on function., Pierre Gaston, 2015/12/08
- Re: Bug on function., Kelvin Tan Thiam Teck, 2015/12/08
- Re: Bug on function., Kelvin Tan Thiam Teck, 2015/12/08
- Re: Bug on function., Pierre Gaston, 2015/12/08
- Re: Bug on function., Kelvin Tan Thiam Teck, 2015/12/08
- Re: Bug on function., Kelvin Tan Thiam Teck, 2015/12/08
- Re: Bug on function., Pierre Gaston, 2015/12/08