Vulnerability Development mailing list archives
Re: shell script cgi
From: Ralf Dreibrodt <ralf () dreibrodt de>
Date: Sun, 17 Nov 2002 16:09:17 +0100
Hi, here is another try, that sometimes works: Brian Hatch wrote:
To emulate this, let's set it ourselves in a normal shell: bash$ export VAR='`cat /etc/passwd`' bash$ echo $VAR `cat /etc/passwd`
bash:~# export VAR='-e test\ntest' bash:~# echo $VAR test test bash:~# echo "$VAR" -e test\ntest bash:~# well, the "$VAR" means, that $VAR is the first argument for echo. IMHO there is nothing you can do to execute code in this statement. bye ralf
Current thread:
- Re: shell script cgi, (continued)
- Re: shell script cgi Ed Schmollinger (Nov 17)
- Re: shell script cgi (summary?) c jones (Nov 18)
- Re: shell script cgi (summary?) Brian Fury (Nov 19)
- Re: shell script cgi (summary?) Andre Breiler (Nov 20)
- Re: shell script cgi (summary?) Philip Rowlands (Nov 20)
- Re: shell script cgi (summary?) Brian Hatch (Nov 19)
- Re: shell script cgi Rajko Zschiegner (Nov 16)
- Re: shell script cgi mlh (Nov 18)
- RE: shell script cgi Rajko Zschiegner (Nov 16)
- Re: shell script cgi Brian Hatch (Nov 16)
- Re: shell script cgi Ralf Dreibrodt (Nov 17)
- Re: shell script cgi mlh (Nov 18)
- Re: shell script cgi Brian Hatch (Nov 16)