Surprising shell pathname expansion

computer unix shell

I thought I was understanding pretty well how bash argument processing and various expansions is supposed to behave. Apparently, there are still subtleties which tricks me, sometimes.

Read more…

More example of argument and shell command injections in browser invocation

computer unix debian security shell

In the previous episode, I talked about some argument and shell command injections vulnerabilities through URIs passed to browsers. Here I'm checkig some other CVEs which were registered at the same time.

Read more…

Argument and shell command injections in browser invocation

computer unix debian security shell

While reading the source of sensible-browser in order to understand how it was choosing which browser to call (and how I could tweak this choice), I found an argument injection vulnerability when handling the BROWSER environment variable. This lead me (and others) to a a few other argument and shell command injection vulnerabilities in BROWSER processing and browser invocation in general.

Read more…

Foo over SSH

Using SSH as a transport for your protocol

computer network ssh unix

A comparison of the different solutions for using SSH2 as a secured transport for protocols/services/applications.

Read more…

Terminal read-only live sharing

computer unix ssh screen

Live sharing a terminal session to another (shared) host over SSH in read-only mode.

Read more…

Cleaning the stack by filtering the assembly

computer simgrid unix compilation assembly x86_64

In order to help the SimGridMC state comparison code, I wrote a proof-of-concept LLVM pass which cleans each stack frame before using it. However, SimGridMC currently does not work properly when compiled with clang/LLVM. We can do the same thing by pre-processing the assembly generated by the compiler before passing it to the linker: this is done by inserting a script between the compiler and the assembler. This script will rewrite the generated assembly by prepending stack-cleaning code at the beginning of each function.

Read more…

Filtering the clipboard using UNIX filters

computer x11 unix cms hmtl

I had a few Joomla posts that I wanted to clean up semi-automatically. Here are a few scripts, to pass the content of the clipboard (or the current selection) through a UNIX filter.

Read more…

Page 1 of 1 | | Next page | JSON Feed | Atom Feed