I'm a wannabe
OK.. I've been reading about a few exploits and I decided to create a simple bin that could be open to an IFS exploit. Could someone tell me what I'm doing wrong?? No matter what I set IFS to it will always run /bin/date correctly. What I'm shooting for is bin: command not found. Then I'll make a bin script to say hello or something like that.
Here is my exploitable program. Code:
#include <stdio.h> // habit Code:
#!/bin/sh |
exec* system calls don't work through the shell, so the value of IFS doesn't affect them. Use the system(...) function instead.
Alex |
OK.. thanks. I tried using the system line but I still can't make it say
bin: command not found Is there some protection my shell could have to prevent people from messing with IFS?? Here is my new "vulnerable code" My exploit script is above. Code:
#include <stdlib.h> |
The behavior you're expecting will no longer work when you're using bash. See the mention of IFS use in http://www.gnu.org/manual/bash-2.05a...12.html#SEC129
That means bash will use IFS for things like: /bin/bash -c 'SPLIT=1/2/3; IFS=/; for x in $SPLIT; do echo $x; done' But it won't break up the path of a command. |
:eek: :mad: :( :cry:
Darn.... back to the drawing board. |
It is not the objective of this site to spread or share the details of 'cracks'. Although you may consider this post to be educational; the last any legitimate Linux user wants to see is some script kiddy to run with such info and cause harm.
Gary |
All times are GMT -5. The time now is 09:03 AM. |