PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Command injection with no spaces

From: Pat Moloney <nutjob.ie () gmail com>
Date: Thu, 14 Jun 2012 22:03:50 +1000
With some sed you could replace cr with a comma or other character and get
the entire file.

Also try issuing the same command multiple times in an automated fashion
using awk or sed to specify line numbers.

Another option is to try and FTP or scp files off if you have access.

Regards,
Pat



On 14/06/2012, at 21:21, Matt Summers <matt () fireantsecurity co uk> wrote:

Folks,

We came across an interesting bug in a web system where we could execute
any system command (on AIX) but we could not enter any spaces in the
command and we would only get the last line of STDOUT.

Has anyone else come across anything like this?

The most we were able to do was cat the last line from system files and
determine if a directory existed.

Cheers,

Matt

--- Part time worker full time salary ---

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
Previous By Date Next
Previous By Thread Next

Current thread: