|
| From: | felix |
| Subject: | uname lead to embed code execution |
| Date: | Mon, 1 Mar 2021 11:36:17 +0100 |
| User-agent: | Mutt/1.10.1 (2018-07-13) |
There it is:
$ declare -A map; key='foo$(uname >/dev/tty)bar'; map[$key]=
$ echo map["$key"]
map[foo$(uname >/dev/tty)bar]
$ echo ${map["$key"]}
$ unset map["$key"]
Linux
Or even:
$ declare -A map; key='foo$(read -t 3 </dev/tty foo;echo >/dev/tty bar:
$foo)bar'; map[$key]=
...
$ unset map["$key"]
baz # hitted in 3 seconds
bar: baz
--
FĂ©lix Hauri
| [Prev in Thread] | Current Thread | [Next in Thread] |