Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: character injecting on linux console

From: Robert van der Meulen <rvdm () wiretrip org>
Date: Sat, 8 Dec 2001 19:24:54 +0100
Hi,

Quoting Doru Petrescu (pdoru () kappa ro):

2. Can someone explain to me what is happening ?
is this a bug in the kernel code that handles terminal output ? can we
make it do something else ? (like overwriting memory, etc ...)

These are just regular escape characters; the same kind that allow colors
in your shell, character movement, more intelligent drawing. Lots of things
you can do with that. Most unix tools have safeguards to disallow execution
of arbitrary escape sequences; you will probably find this doesn't work in
emails as well. 'mutt' and 'pine' for example, will not carelessly echo
these.
The same kind of sequences are used by some textmode irc clients, and even
mpg123, to change xterm titles.

Greets,
        Robert
-- 
                              Linux Generation
   encrypted mail preferred. finger rvdm () debian org for my GnuPG/PGP key.
            Insanity is hereditary.  You get it from your kids.
Previous By Date Next
Previous By Thread Next

Current thread: