Droid Testing for IFS vulnerability
Russell Reiter
rreiter91-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Wed Nov 23 21:10:26 UTC 2011
This code is from:
Practical UNIX & Internet Security
Simson Garfinkel & Gene Spafford
I installed a terminal app on the droid. I'm going to run this tonight
on the default shell, see what I get back.
=============
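# The script under test refers to /tmp/foo by absolute path, so work in /tmp.
cd /tmp
# "tmp" only runs if "/tmp/foo" is split on "/" into command "tmp", arg "foo".
cat > tmp <<'E-O-F'
echo "Danger!"
echo "Your shell does NOT reset the IFS variable!"
E-O-F
# "foo" runs if the path is left intact.
cat > foo <<"E-O-F"
echo "Your shell appears well behaved."
E-O-F
# The script under test: a single absolute-path command.
cat > test$$ <<"E-O-F"
/tmp/foo
E-O-F
chmod 700 tmp foo test$$
# Put "." first in PATH, add "/" to IFS, and export both to the child shell.
PATH=.:$PATH
IFS="/$IFS"
export PATH IFS
test$$
rm -f tmp foo test$$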
===========
IFS passwd Hack
===========
#!/bin/sh
# Split each /etc/passwd line on ":" and print the account name and
# home directory.
IFS=":"
while read -r acct passwd uid gid gcos homedir shell
do
    echo "$acct" " " "$homedir"
done < /etc/passwd
===========
--
About me:
A poem went off this morning
Like an old wind up clock
on my mantle.
It shattered sleep and clattered
its way into consciousness
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
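
Added example (not part of the original post or the book): the test above only reports a problem on shells that split literal command words on IFS, which POSIX shells do not do, so this sketch goes a step further and probes the same inheritance question by splitting a variable expansion in the child shell. The names field_count, inherits_ifs and harden_env are chosen here for illustration, as is the fixed PATH value.

```shell
#!/bin/sh
# Added example; function names are illustrative, not from the post or book.

# Print how many fields "$1" splits into under the current IFS.
field_count() {
    set -f          # no globbing while we split on purpose
    set -- $1       # unquoted on purpose: field splitting happens here
    set +f
    echo "$#"
}

# Return 0 if shell "$1" keeps an IFS passed in through the environment,
# 1 if it resets IFS at startup (which POSIX requires).
# The probe goes in on stdin, so no file is created and PATH is untouched.
inherits_ifs() {
    n=$(printf '%s\n' 'v=tmp/foo; set -- $v; echo $#' | env IFS=/ "$1")
    [ "$n" = 2 ]    # 2 fields means "/" was still in IFS inside the child
}

# Preamble for scripts that may start with a hostile environment:
# pin IFS to space, tab, newline and use a fixed PATH without ".".
harden_env() {
    IFS=$(printf ' \t\nx'); IFS=${IFS%x}   # "x" protects the trailing newline
    PATH=/usr/bin:/bin
    export PATH
}

# Report on whichever of these shells are installed.
for s in sh bash dash mksh; do
    command -v "$s" >/dev/null 2>&1 || continue
    if inherits_ifs "$s"; then
        echo "$s: keeps IFS from the environment"
    else
        echo "$s: resets IFS at startup"
    fi
done
```

In a real script, harden_env would be called before any other command runs.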