Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Destructive one word unix commands
Special Forums Cybersecurity Destructive one word unix commands Post 302591140 by aydinh on Wednesday 18th of January 2012 03:47:44 PM
Old 01-18-2012
Destructive one word unix commands
Hi I'm trying to hack a web server as part of an assignment and have gotten it to exec commands but I cannot pass commands arguments as the program splits up space separated words and only execs the first one. Is there anything I can pass to cause any sort of damage in one word? Btw webserver runs as root.

Also is it possible to host a script and just pass the location of that to the web server? Eg &_cmd=10.10.1.3/tmp/script.sh&blahblah

Would that work?


Thanks
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Maingrame to UNIX sending UNIX commands

I want to know if there is a way to send unix commands thru FTP from a mainframe to kick off Autosys Jobs. I just need to send a command from the mainframe to UNIX and have UNIX execute that command. (2 Replies)
Discussion started by: skammer
2 Replies

2. UNIX for Dummies Questions & Answers

Running UNIX commands remotely in Windows box from Unix box – avoid entering password

I am able to run the UNIX commands in a Windows box from a UNIX box through "SSH" functionality. But whenever the SSH connection is established between UNIX and Windows, password for windows box is being asked. Is there a way to avoid asking password whenever the SSH connection is made? Can I... (1 Reply)
Discussion started by: D.kalpana
1 Replies

3. UNIX for Dummies Questions & Answers

How can find exactly word in Unix?

How can find exactly word in Unix? Hi all? I have on fine it contains data like: Recalculation Dates started Performance History Recalc Scheduling started Recalculation started New Recalculation started But I want output like: Recalculation started(3rd line) So , please... (3 Replies)
Discussion started by: koti_rama
3 Replies

4. Linux

word substitution in unix

Hi I am trying to substitute 2 words on the same line with _S02 as suffix. Like this . IN "TSOPS09" INDEX IN "TSOPIX09" ; to IN "TSOPS09_S02" INDEX IN "TSOPIX09_S02" ; i used the following code to make the change , it works fine for first substitution not the second one . ... (6 Replies)
Discussion started by: capri_drm
6 Replies

5. Windows & DOS: Issues & Discussions

how do I replace a word in a file using DOS commands??

how do I replace a word in a file using DOS commands?? (1 Reply)
Discussion started by: sabithareddym
1 Replies

6. Shell Programming and Scripting

Self destructive script

How should i write a script so that the script will destroy(delete) itself once it completes execution. Thanks? (7 Replies)
Discussion started by: proactiveaditya
7 Replies

7. Virtualization and Cloud Computing

is mdadm --incremental --rebuild --run --scan destructive?

Hello Unix Community: My task to figure out how to add a 20G volume to an existing EBS Array (RAID0) at AWS. I haven't been told that growing the existing volumes isn't an option, or adding another larger volume to the existing array is the way to go. The client's existing data-store is... (0 Replies)
Discussion started by: Habitual
0 Replies

8. UNIX for Dummies Questions & Answers

Find EXACT word in files, just the word: no prefix, no suffix, no 'similar', just the word

I have a file that has the words I want to find in other files (but lets say I just want to find my words in a single file). Those words are IDs, so if my word is ZZZ4, outputs like aaZZZ4, ZZZ4bb, aaZZZ4bb, ZZ4, ZZZ, ZyZ4, ZZZ4.8 (or anything like that) WON'T BE USEFUL. I need the whole word... (6 Replies)
Discussion started by: chicchan
6 Replies

9. HP-UX

Format unit requires destructive mode???

I am trying to format a Seagate 2 Gb SCSI drive using the HP-UX 9.0 support disc and I receive a message that says: DESTRUCTIVE MODE REQUIRED TO EXECUTIVE THIS COMMAND (SCD2WARN 106). I have entered this command several times on other SCSI drives and never got this message. Anyone ever see this... (8 Replies)
Discussion started by: edspit
8 Replies

10. UNIX for Beginners Questions & Answers

UNIX script to check word count of each word in file

I am trying to figure out to find word count of each word from my file sample file hi how are you hi are you ok sample out put hi 1 how 1 are 1 you 1 hi 1 are 1 you 1 ok 1 wc -l filename is not helping , i think we will have to split the lines and count and then print and also... (4 Replies)
Discussion started by: mirwasim
4 Replies

LEARN ABOUT SUNOS

exec

exec(1) 							   User Commands							   exec(1)

NAME

       exec, eval, source - shell built-in functions to execute other commands

SYNOPSIS

   sh
       exec [argument...]

       eval [argument...]

   csh
       exec command

       eval argument...

       source [-h] name

   ksh
       *exec [arg...]

       *eval [arg...]

DESCRIPTION

   sh
       The  exec  command specified by the arguments is executed in place of this shell without creating a new process. Input/output arguments may
       appear and, if no other arguments are given, cause the shell input/output to be modified.

       The arguments to the eval built-in are read as input to the shell and the resulting command(s) executed.

   csh
       exec executes command in place of the current shell, which terminates.

       eval reads its arguments as input to the shell and executes the resulting command(s). This is usually used to execute commands generated as
       the result of command or variable substitution.

       source  reads  commands	from name. source commands may be nested, but if they are nested too deeply the shell may run out of file descrip-
       tors. An error in a sourced file at any level terminates all nested source commands.

       -h	Place commands from the file name on the history list without executing them.

   ksh
       With the exec built-in, if arg is given, the command specified by the arguments is executed in place of this shell without creating  a  new
       process.  Input/output arguments may appear and affect the current process. If no arguments are given the effect of this command is to mod-
       ify file descriptors as prescribed by the input/output redirection list.  In this case, any file descriptor numbers greater than 2 that are
       opened with this mechanism are closed when invoking another program.

       The arguments to eval are read as input to the shell and the resulting command(s) executed.

       On this man page, ksh(1) commands that are preceded by one or two * (asterisks) are treated specially in the following ways:

       1.  Variable assignment lists preceding the command remain in effect when the command completes.

       2.  I/O redirections are processed after variable assignments.

       3.  Errors cause a script that contains them to abort.

       4.  Words,  following a command preceded by ** that are in the format of a variable assignment, are expanded with the same rules as a vari-
	   able assignment. This means that tilde substitution is performed after the = sign and word splitting and file name generation  are  not
	   performed.

EXIT STATUS

       For ksh:

       If  command is not found, the exit status is 127. If command is found, but is not an executable utility, the exit status is 126. If a redi-
       rection error occurs, the shell exits with a value in the range 1-125. Otherwise, exec returns a zero exit status.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsu			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       csh(1), ksh(1), sh(1), attributes(5)

SunOS 5.10							    17 Jul 2002 							   exec(1)
All times are GMT -4. The time now is 10:26 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy