Bug on function.

Kelvin Tan Thiam Teck Mon, 07 Dec 2015 20:48:42 -0800

hi, there's a bug on function that allow attacker to inject parameters.
./report.sh "echo ln -s /sbin/halt; mv halt ;reboot8 ; reboot" AAA AAA AAA
AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA AAA


#!/bin/bash
function library {
echo ${@}
}
function Gateway {
unset param
param[7]="$8"
piaram[8]="$9"
param[9]="$10"
param[10]="$11"
param[11]="$12"
param[12]="$13"
param[13]="$14"
param[14]="$15"
param[15]="$16"
param[16]="$17"
param[17]="$18"
param[18]="$19"
#echo "After Passing Thru Function: ${param[@]}"
echo "9th: `$9`"
echo "10th: $10"
echo "11th: $11"
echo "12th: $12"
echo "13th: $13"
echo "14th: $14"
echo "15th: $15"
echo "16th: $16"
echo "17th: $17"
$18
echo "19th: $19"
echo "20th: $20"
}
echo "Before Passing Thru Function: $*"
Gateway  $*

Bug on function.

Reply via email to