> I have found the line below in an sh cgi program, and
> believe I can pass a command to the shell but can't
> seem to get it to work right. No matter what I try as
> the HTTP_USER_AGENT it interprets it as a string in
> the echo command & I can't get it to break it into a
> new command. Nothing is done to HTTP_USER_AGENT before
> this line...it's just reading it directly from the
> environment.
>
> Any help you may have is very much appreciated.
>
> Thanks
>
> ua=`echo "$HTTP_USER_AGENT" | sed "s#\;##g"`

Anyone else remembering the 'nph-finger' days of yore? It had

    echo QUERY_STRING = $QUERY_STRING

you could pass things like '*' to abuse shell filename expansion,
and that'd be the best you're going to get out of that code.

I don't think you can get it to execute arbitrary commands,
no matter what you try.

--
Brian Hatch                  Behavioral Psychology:
   Systems and                Pulling habits out
   Security Engineer           of rats
http://www.ifokr.org/bri/

Every message PGP signed
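The difference between the two lines discussed above, as an added example that is not part of the thread or either poster's code: it runs the quoted line from the question beside the unquoted nph-finger style echo in a scratch directory. The function names, file names and header value are constructed for illustration.

```shell
#!/bin/sh
# Added example. Function names and sample values are constructed.

# The line from the question. "$HTTP_USER_AGENT" is expanded once, inside
# double quotes, so its contents are passed to echo as a single argument and
# are never parsed again as shell syntax.
quoted_ua() {
    HTTP_USER_AGENT=$1
    ua=`echo "$HTTP_USER_AGENT" | sed "s#\;##g"`
    printf '%s\n' "$ua"
}

# The unquoted nph-finger style line from the reply. The expansion result
# goes through word splitting and filename expansion (globbing), but it is
# still not re-parsed for command substitution or command separators.
unquoted_qs() {
    QUERY_STRING=$1
    echo QUERY_STRING = $QUERY_STRING
}

# Stand-alone demonstration in a throwaway directory.
(
    scratch=$(mktemp -d) && cd "$scratch" || exit 1
    touch alpha beta                          # constructed file names
    probe='agent; $(touch ran) `touch ran`'   # constructed header value

    printf 'quoted   probe: %s\n' "$(quoted_ua "$probe")"
    printf 'quoted   star : %s\n' "$(quoted_ua '*')"
    printf 'unquoted star : %s\n' "$(unquoted_qs '*')"

    # If any part of the value had been executed, the file "ran" would exist.
    if [ -e ran ]; then echo 'a command was executed'
    else echo 'no command was executed'; fi

    cd / && rm -rf "$scratch"
)
```

Quoting every expansion, as the line in the question already does, is what keeps the glob from being expanded in the first case.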
This archive was generated by hypermail 2b30 : Thu Nov 14 2002 - 23:51:22 PST