Vulnerability Development mailing list archives
Re: Valid characters on one o/s are invalid on another
From: ian <cheeken () cs bu edu>
Date: Thu, 28 Jun 2001 00:03:21 -0400
kind of off on a tangent but at windev tony mason from osr mentioned you can create files with NULLs embedded in their name if you write a file system driver (this is all windows based obv) they can't be removed, not only by userland command line/gui tools but by the win32 api's themselves.... haven't tried it and i'm going on what he told us but it's kinda interesting eh? ian "Juan M. Courcoul" wrote:
Rather than finangling with BASIC, I'd suggest you do this using one of the excellent Perl packages: http://www.perl.com/CPAN-local/ports/index.html#win32 Having obtained that, you can either zap the offending file with a quick one-liner, or you can delve as deep as you want within the OS with an adequate script. The language, per se, has no restrictions regarding the characters of the filename, the size, etc., other than those imposed by the underlying filesystem, since you'll be running under the Perl interpreter (instead of COMMAND.COM et.al.). Plus you'll have the bonus of getting an excellent administration platform, supported on virtually any operating system. JMC $x=25;print substr(',rekcah lreP rehtona tsuJ',$x,1) while --$x >= 0 Craig Boston wrote:Tested this both locally and over a network and the wildcard idea was able to get rid of the files ending with a dot. For the sake of being cautions, "filename?" seems to be able to handle it as well without resorting to * Win2k doesn't come with BASIC, so I snagged a copy of qbasic off one of the NT4 machines. It doesn't seem to understand long file names so I wasn't able to do anything useful with it. It seems these files (and possibly other files that the shell refuses to deal with) can also be deleted by doing a DIR /X and deleting the DOS 8.3 name directly. Surprisingly, this seems to work on remote systems over the network as well. The shell should probably still be fixed as there are lots of clueless newbie NT admins who don't know how to use the command-line... Of course they probably have bigger security problems anyway. ----- Original Message ----- From: "Meritt James" <meritt_james () bah com> I''ve zapped files with names containing illegal characters by using wildcard that expanded to the particular file... James Robbins wrote:I ran into a situation (quite a while back) where I had a file on a DOS machine that had illegal characters in it. I couldn't rename or delete it. I finally got rid of it by going into Basic and deleting it from there. Since Basic requires the file name to be in quotes it accepted it and deleted the file.
Current thread:
- Re: Recovering the activation key from a Win2K installation, (continued)
- Re: Recovering the activation key from a Win2K installation meiso (Jun 29)
- Re: Recovering the activation key from a Win2K installation Technical Support (Jun 30)
- Re: Recovering the activation key from a Win2K installation Bryan Allerdice (Jun 27)
- Re: Recovering the activation key from a Win2K installation Zow (Jun 27)
- Re: Valid characters on one o/s are invalid on another James Robbins (Jun 26)
- Re: Valid characters on one o/s are invalid on another Meritt James (Jun 27)
- Re: Valid characters on one o/s are invalid on another Craig Boston (Jun 27)
- Re: Valid characters on one o/s are invalid on another Juan M. Courcoul (Jun 27)
- Re: Valid characters on one o/s are invalid on another ian (Jun 28)
- Re: Valid characters on one o/s are invalid on another Mathew B (Jun 30)