| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: se_cur_ity at hotmail.com (morning_wood)
Subject: FAT32 input > output = null?
Fat32 file output redirect overwrites self.
===========================
odd behavior... >?
1.) console application output redirected to itself ( file.ext > file.ext )
C:\test>program.exe >program.exe
program.exe
The process cannot access the file because it is being used by another process.
ok great, normal error ( i thought )
by seeing this error, one might think "phew, i just saved myself from
overwriting that file"
but
2.) try running original program
C:\test>program.exe
[popup]
C:\test\program is not a valid Win32 application.
[/popup]
Access is denied.
uh-o
3.) directory listing
C:\test>dir
Volume in drive C has no label.
Volume Serial Number is 1F2E-1405
Directory of C:\test
02/16/2003 03:00 AM <DIR> .
02/16/2003 03:00 AM <DIR> ..
02/16/2003 03:31 AM 0 program.exe
9 File(s) 0 bytes
2 Dir(s) 435,847,168 bytes free
i do not know if this is proper behavior.
but it would appear that you SHOULD be safe due to windows
file locking, and the saftey is further bolstered by nice warning.
but alas... "Access Denied! "
so by observance we can deduce the following:
a. windows reads the originating program into memory ( fully(?)
b. the file output redirection ( > ) causes a write to file to the redirection
call back upon itself, and thus begins overwriting the original file.
c. windows detects the file access and determines that this action is illegal
and halts the operation and warns the user.
note: not tested under other disc formats.
Donnie Werner
http://exploitlabs.com
Powered by blists - more mailing lists