Channel: C system() function vulnerability - Code Review Stack Exchange

Answer by asveikau for C system() function vulnerability

Others have told you how to exploit this. In the spirit of advocating the right way to do things, here is a good way to execute echo with user input and not have vulnerabilities (barring of course some...


Answer by D.Shawley for C system() function vulnerability

If this is actually in live code somewhere, then whoever wrote it should be forced to write I will never call system on tainted user input again 1 googol times with a dull pencil. Yes. As written,...


Answer by Andy Finkenstadt for C system() function vulnerability

It is not possible. You'd have to write something that changes the USER environment parameter that effectively backspaces over the previous characters, and system("string") does not actually use a...


Answer by amitp for C system() function vulnerability

If you want to print out the value of the USER environment variable, you can do:

    fprintf(stderr, "%s", getenv("USER"));

There's no need to call system().


C system() function vulnerability

Suppose we have the following program:

    #include <stdlib.h>
    #include <stdio.h>

    int main()
    {
        char *user = getenv("USER");
        char buffer[4096];
        if (user) {
            snprintf(buffer, sizeof buffer, "/bin/echo...
