@postmodern_mod3 @ericmonti @Tavis sh != dash on debian derived systems like Ubuntu, replace sh with bash to repro.
@taviso not true. env X='\' will set the X to \. You're setting an env-var and then running a sh-call as @newshtwit mentioned.
@fransrosen @newshtwit This is a bug in bash function parsing. Read execute_null_command(), and then we can discuss this.
@taviso a better test: `env X='() { (a)=>\' bash -c "echo echo vuln"; [[ "$(cat echo)" == "vuln" ]] && echo "still vulnerable :("`
@postmodern_mod3 @taviso @veorq don’t know if obvious, but replacing “bash” with “zsh” prints also “still vulnerable :(”
another demonstration of @taviso's new #bash parsing bug: http://seclists.org/oss-sec/2014/q3/679 … $ function a a>\ [RETURN] > foo $ whatever $ ls whatever
@wiretapped Slightly different problem with my bash! PS[1-4] and PROMPT_COMMAND defined: https://github.com/isislovecruft/scripts/blob/master/bash-prompt.sh … pic.twitter.com/0QayKvwm1Y
@taviso looks like this might be in the parse.y file. authors knew it was coming.
@_g3nuin3 @taviso Where are you seeing this parse file?
@taviso try bash -c "echo ls /etc; cat echo" without and with the X env variable set, perhaps that will better demonstrate what's going on?