Vulnerability Development: Re: execution inside of Perl reg ex?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: execution inside of Perl reg ex?

From: Bill Reamy <bill () staffnet com>
Date: Sat, 30 Dec 2000 05:14:15 -0500

Quoting Cypher <cypher () EXECPC COM>


I have a question relating to executing code inside of a Win32 Perl
regular expression. I am trying to find a vulnerability in a CGI

... snip ...


My question is, does anyone know of any other ways to execute code in a
reg ex?


  Instead of running Perl code, how about shelling commands? Try using
 back-quotes (same key as the tilde).

  As an operator, Perl will shell any command you put inside back
 quotes and return the result of the shelled command. I assume this
 would work inside a regular expression, but I haven't tried.

                                         Bill Reamy
                                       bill () staffnet com

By Date By Thread

Current thread:

execution inside of Perl reg ex? Cypher (Dec 29)
- Re: execution inside of Perl reg ex? Robert van der Meulen (Dec 30)
- Re: execution inside of Perl reg ex? rpc (Dec 30)
- <Possible follow-ups>
- Re: execution inside of Perl reg ex? Bill Reamy (Dec 30)