Re: I've found a vulnerability in bash
From: Alex fxmbsw7 Ratchev
Subject: Re: I've found a vulnerability in bash
Date: Wed, 17 Nov 2021 13:55:28 +0100
This is due to the parsing of args by the specific app; the -- arg indicates
end-of-switches.
On Wed, Nov 17, 2021, 13:41 Marshall Whittaker <marshallwhittaker@gmail.com>
wrote:
> Software: bash
> Version: 5.0.17(1)-release (x86_64-pc-linux-gnu)
>
> --- SNIP ---
> [marshall@jerkon]{04:09 AM}: [~/bashful] $ touch -- '--version'
> [marshall@jerkon]{04:09 AM}: [~/bashful] $ touch a && mkdir b
> [marshall@jerkon]{04:09 AM}: [~/bashful] $ ls -l
> total 4
> -rw-rw-r-- 1 marshall marshall 0 Nov 17 04:09 a
> drwxrwxr-x 2 marshall marshall 4096 Nov 17 04:09 b
> -rw-rw-r-- 1 marshall marshall 0 Nov 17 04:09 --version
> [marshall@jerkon]{04:09 AM}: [~/bashful] $ mv * b
> mv (GNU coreutils) 8.30
> Copyright (C) 2018 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>.
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.
>
> Written by Mike Parker, David MacKenzie, and Jim Meyering.
> [marshall@jerkon]{04:09 AM}: [~/bashful] $ rm *
> rm (GNU coreutils) 8.30
> Copyright (C) 2018 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>.
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.
>
> Written by Paul Rubin, David MacKenzie, Richard M. Stallman,
> and Jim Meyering.
> [marshall@jerkon]{04:09 AM}: [~/bashful] $
> --- SNIP ---
>
> This shouldn't happen because you can drop a file and then redirect
> other code for example calling a script if you only have access to drop
> a file. Say a cronjob was running every hour, and it did rm * on some
> folder, by expansion, you could expand it to -riv or whatever you
> wanted and redirect program flow from there.
>
> Thanks,
> Marshall Whittaker / oxagast
>
>
>
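Added example, not part of the original messages: the `rm *` case from the transcript next to the `--` form the reply points to, plus the `./*` form, which goes beyond what the reply mentions. The scratch directory is constructed and the function names are hypothetical; an rm that rejects or acts on `--version` as an option (GNU coreutils in the transcript) is assumed.

```shell
#!/bin/sh
# Added example. Directory contents are constructed; function names are hypothetical.

# Build a scratch directory holding one ordinary file and one file whose
# name looks like an option, as in the quoted transcript.
make_sandbox() {
    d=$(mktemp -d) || return 1
    touch -- "$d/--version" "$d/a"
    printf '%s\n' "$d"
}

# Count the entries left in a directory.
remaining() { ls -A -- "$1" | wc -l | tr -d ' '; }

# Pattern from the report: the shell expands * to file names, and rm's own
# option parser then treats "--version" as an option, so nothing is removed.
clean_unsafe() (
    cd "$1" || exit 1
    LC_ALL=C; export LC_ALL      # fixed sort order: "--version" expands first
    rm * >/dev/null 2>&1 || true
)

# Fix 1: "--" tells rm that every following word is an operand.
clean_dashdash() (
    cd "$1" || exit 1
    rm -- *
)

# Fix 2: prefix the glob with ./ so no expanded word can start with "-".
clean_dotslash() (
    cd "$1" || exit 1
    rm ./*
)

# Run each variant on a fresh sandbox and report what is left behind.
for f in clean_unsafe clean_dashdash clean_dotslash; do
    d=$(make_sandbox) && "$f" "$d"
    printf '%s: %s entries left\n' "$f" "$(remaining "$d")"
    rm -rf -- "$d"
done
```

The `./*` form also covers commands that do not honour `--`.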