lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040408151845.35796.qmail@web20212.mail.yahoo.com>
From: visitbipin at yahoo.com (bipin gautam)
Subject: Re: [EXPLAIN!] FAT32 input > output = null?

well... a simple explaination could be...

if you,

del.exe >del.exe

mark the single ">" it means to output the data " to
the file" by over 

writing the whole file.

but if you do,

del.exe >>del.exe

mark the double ">>" it means to output the data but
just "APPEND"
at the end of the file.........

lets guess then,

if you execute a normal program, named "del.exe"
normally...

c:\> del.exe

it gets executed...........

but if you add a strange junk command after an
execudable............
as...
c:\> del.exe >del.exe

well... cmd.exe marks it as "INVALID" and closes the
open handle for 

del.exe without any operation [hence null output]
but......

the second half of the command is  ">del.exe" right?

as the open handles/threads of del.exe is closed with
"null" output 

windows procedes the second half of the command by
writing "null" to 

the file.......

if you do, [append] ie: '>>'

c:\> del.exe >>del.exe

cmd simply quits by appending "null" [nothing] at the
end of the 

file!!!

HAY, AFTERALL WRITING AND READING THE SAME FILE AT
ONCE [at the same 

time] ISN'T possible......... so there is a conflict
so it closes the 

open handle's of del.exe " marking it as invalid
process" hence output 

is null! which is written ............... as it is the
2'nd half of the 

command requested!

what do you say? 

MY 2 CENTS

./hUNT3R
http://www.geocities.com/visitbipin/

   

--- morning_wood <se_cur_ity@...mail.com> wrote:
> > You can also delete files by using the "del"
> command. I tested this with the 
> > 5.1 ntos kernel (Slackware XP):
> > 
> > C:\>del testfile.exe
> >
> if you were trying to be sarcastic in saying this is
> "normal, any dummy knows that"  then you failed
> horrendously, sir.
> where did the delete command came from ????
> this has nothing to do with any system command
> it was simply an odd behavior where by ">" piping
> output of a file into itself, causes a 0 byte or
> corrupted file
> C:>del.exe >del.exe
> in particular, executeable files.
> 
> 
> m.wood
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
http://lists.netsys.com/full-disclosure-charter.html


__________________________________
Do you Yahoo!?
Protect your identity with Yahoo! Mail AddressGuard
http://antispam.yahoo.com/whatsnewfree


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ