oss-sec mailing list archives
Re: s/party/hack like it's 1999
From: up201407890 () alunos dcc fc up pt
Date: Fri, 18 Sep 2015 14:02:36 +0200
Date: Thu, 17 Sep 2015 12:33:28 -0430 From: Manuel Gómez <targen () il com> To: oss-security () ts openwall com Subject: Re: s/party/hack like it's 1999 On Thu, Sep 17, 2015 at 12:33:28 AM, <targen () gmail com> wrote:
On Thu, Sep 17, 2015 at 11:33 AM, <up201407890 () nos dcc fc up pt> wrote:Federico Bento <up201407890 () nos dcc fc up pt> […] As you can see, our beloved 'cat' cheated on us. Why? Because instead of displaying the character-sequence, the escape sequence \033[XA (being X the number of times) performed some action. And this action moves the cursor up X times, overwriting what is above it X lines. But this doesn't affect only 'cat', it affects everything that interprets escape sequences. [… examples with head, tail, more, curl, wget …] 'diff' also interprets escape sequences and so do the resulting patches [… examples with diff …] Hint: 'less' doesn't interpret escape sequences unless the -r switch is used, so stop aliasing it to 'less -r' just because there's no colored output.
Not a single one of those programs does anything to its input that ought to be considered any form of interpretation in the sense you imply. They simply produce outputs that correspond to their inputs. If that output is later presented to a terminal emulator, *then* some characters happen to produce effects that go beyond simply displaying them as glyphs on a screen, one by one. There is absolutely nothing wrong with `head`, `tail`, `more`, `curl`, `wget` or `diff`. They are not meant to “interpret” anything of the sort that is being addressed, and indeed they do not. `less` *does* have special processing rules active by default for input sequences that would cause terminals to do anything special; indeed, the default behaviour of `less`, without the `-r` option, is the only mentioned behaviour that may be considered a form of interpretation.
Yes, that is correct. I should have rephrased that better, thanks for clearing that up.
It's no secret, most of us rely on 'cat' to view files. I guess this is one black kitty, giving you bad luck.Perhaps “most of us” should use `view` to view files.
Also correct. There are several ways one can go about this, but the point is, do people actually do that? Do they take that extra care sometimes? :)
I'd also like to point out that the title should've been "s/party/hack/ like it's 1999", I guess that's what you get when you're trying to write up things fast, but that's not really the point of the post ;-)
Quoting "Cliff Perry" <cperry () redhat com>:
Interesting. I woul advocate usage of something like cat -A. - something I learned to find end of line chars.[cperry@cperry ~]$ printf '#!/bin/bash\necho doing something evil!\nexit\n\033[2Aecho doing something very nice!\n' > backdoor.sh[cperry@cperry ~]$ chmod +x backdoor.sh [cperry@cperry ~]$ cat backdoor.sh #!/bin/bash echo doing something very nice! [cperry@cperry ~]$ cat -A backdoor.sh #!/bin/bash$ echo doing something evil!$ exit$ ^[[2Aecho doing something very nice!$ [cperry@cperry ~]$ Also, my terminal prompt jumped a line when doing the normal cat. Cliff
Yes, there are several ways to go about this, but the point is that 'cat -A file' isn't something that people do in their day to day lives!
I believe some adjustments to the script would make it not jump a line for other terminal emulators.
---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
Current thread:
- Re: s/party/hack like it's 1999, (continued)
- Re: s/party/hack like it's 1999 Manuel Gómez (Sep 17)
- Re: s/party/hack like it's 1999 Solar Designer (Sep 19)
- Re: s/party/hack like it's 1999 Rich Felker (Sep 19)
- Re: s/party/hack like it's 1999 Solar Designer (Sep 19)
- Re: s/party/hack like it's 1999 David Holland (Sep 21)
- Re: s/party/hack like it's 1999 Greg KH (Sep 21)
- Re: s/party/hack like it's 1999 Florian Weimer (Sep 21)
- Re: s/party/hack like it's 1999 David Holland (Sep 26)
- Re: s/party/hack like it's 1999 Daniel Micay (Sep 26)
- Re: s/party/hack like it's 1999 Rich Felker (Sep 29)
- Re: s/party/hack like it's 1999 Solar Designer (Sep 19)
- Re: s/party/hack like it's 1999 Manuel Gómez (Sep 17)
- Re: s/party/hack like it's 1999 up201407890 (Sep 18)