Full Disclosure mailing list archives
Re: Windows XP bug
From: Sagar Belure <sagar.belure () gmail com>
Date: Thu, 8 Jul 2010 00:38:35 -0700
On Wed, Jul 7, 2010 at 10:54 AM, BlackHawk <hawkgotyou () gmail com> wrote:
Hi list, i recently discovered a very small Windows XP bug, kind of useless alone but that could be usefull in some scenarios. Explanation: when you try to access a non existing directory though shell command "cd", XP returns an error (obviously), but if you cd to a non-existing & move one directory up, you'll not get any error. Example: --- C:\>cd ./somerandomchars <-- Will give an error Impossibile trovare il percorso specificato. C:\>cd ./somerandomchars/../ <-- Everything is ok C:\> --- PoC on how to make this thing usefull: http://www.scribd.com/doc/28080332/Podcast-Generator-1-3-Arbitrary-File-Download-Windows Hope this could be useful for you in some way.. -- BlackHawk - hawkgotyou () gmail com Sent with Gmail _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Never seen this before. But, it's very obvious, as you are 'changing directory'(cd thisdoesntexist/) to a non existing folder and then getting out of it(../). But, there is difference with evaluation/calculation in windows and linux. Here is how... On Windows Box... C:\>cd thisdoesntexist/ The system cannot find the path specified. C:\>cd thisdoesntexist/../ C:\>cd thisdoesntexist/thisonetoo/../ The system cannot find the path specified. C:\>cd thisdoesntexist/thisonetoo/../../ C:\> On Linux box... one@ubuntubox:~$ cd thisdoesntexist/ -bash: cd: thisdoesntexist: No such file or directory one@ubuntubox:~$ cd thisdoesntexist/../ -bash: cd: thisdoesntexist/../: No such file or directory one@ubuntubox:~$ -- Thanks, Sagar Belure Security Analyst Secfence Technologies www.secfence.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Windows XP bug BlackHawk (Jul 07)
- Re: Windows XP bug T Biehn (Jul 07)
- Re: Windows XP bug Duboucher Thomas (Jul 08)
- Re: Windows XP bug Sagar Belure (Jul 08)
- Re: Windows XP bug Vipul Agarwal (Jul 08)
- Re: Windows XP bug Juan Galiana (Jul 08)
- Re: Windows XP bug Christian Sciberras (Jul 08)
- Re: Windows XP bug Vipul Agarwal (Jul 08)
- Re: Windows XP bug Robert Święcki (Jul 08)
- Re: Windows XP bug T Biehn (Jul 07)