Vulnerability Development mailing list archives

Re: execution inside of Perl reg ex?

From: Bill Reamy <bill () staffnet com>
Date: Sat, 30 Dec 2000 05:14:15 -0500

Quoting Cypher <cypher () EXECPC COM>


I have a question relating to executing code inside of a Win32 Perl
regular expression. I am trying to find a vulnerability in a CGI

... snip ...


My question is, does anyone know of any other ways to execute code in a
reg ex?


  Instead of running Perl code, how about shelling commands? Try using
 back-quotes (same key as the tilde).

  As an operator, Perl will shell any command you put inside back
 quotes and return the result of the shelled command. I assume this
 would work inside a regular expression, but I haven't tried.

                                         Bill Reamy
                                       bill () staffnet com

Current thread:

execution inside of Perl reg ex? Cypher (Dec 29)
- Re: execution inside of Perl reg ex? Robert van der Meulen (Dec 30)
- Re: execution inside of Perl reg ex? rpc (Dec 30)
- <Possible follow-ups>
- Re: execution inside of Perl reg ex? Bill Reamy (Dec 30)