PaulDotCom mailing list archives

Re: Command injection with no spaces

From: Robin Wood <robin () digininja org>
Date: Thu, 14 Jun 2012 13:14:14 +0100

On 14 June 2012 10:18, Matt Summers <matt () fireantsecurity co uk> wrote:

Folks,

We came across an interesting bug in a web system where we could execute any
system command (on AIX) but we could not enter any spaces in the command and
we would only get the last line of STDOUT.

Has anyone else come across anything like this?

The most we were able to do was cat the last line from system files and
determine if a directory existed.

Cheers,


Have you tried using tabs instead of spaces?

Robin

Matt

--- Part time worker full time salary ---
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Current thread:

Command injection with no spaces Matt Summers (Jun 14)
- Re: Command injection with no spaces Jim Halfpenny (Jun 14)
- Re: Command injection with no spaces Pat Moloney (Jun 14)
- Re: Command injection with no spaces Robin Wood (Jun 14)
- <Possible follow-ups>
- Re: Command injection with no spaces Matt Summers (Jun 14)
  - Re: Command injection with no spaces Frisch, Daniel (JUS) (Jun 14)
  - Re: Command injection with no spaces Joe Sylve (Jun 14)
    - Re: Command injection with no spaces Joshua Wright (Jun 14)
    - Re: Command injection with no spaces Champ Clark III (Jun 14)
  - Re: Command injection with no spaces Tim Tomes (Jun 14)
- Re: Command injection with no spaces Matt Summers (Jun 14)
- Re: Command injection with no spaces Matt Summers (Jun 14)
- Re: Command injection with no spaces Matt Summers (Jun 15)