An error when i switched from python v2.6.6 => v3.2.3

Ian Kelly ian.g.kelly at gmail.com
Sat Mar 9 01:18:42 CET 2013


On Fri, Mar 8, 2013 at 1:54 PM,  <nagia.retsina at gmail.com> wrote:
> Τη Παρασκευή, 8 Μαρτίου 2013 8:54:15 μ.μ. UTC+2, ο χρήστης Steven D'Aprano έγραψε:
>
>> >>> -c ''; rm -rf /; oops.py
>
>> Please don't tell the newbies to destroy their system, no matter how
>> tempting it might be.
>
> What that "-c ''" options i keep seeing in the attempts to pass bogus info in my 'page' variable?
>
> And hows oops.py relevant? Such file doesnt nto exist in my webssever.

The command that gets run is "python %s > %s", where the page variable
is substituted in for the first %s.  If you perform that substitution,
you will get:

python -c ''; rm -rf /; oops.py > /path/to/some/temp/file

So the -c is an option to Python.  It means that instead of reading a
script, Python should run commands passed on the command line in the
next argument.  That's the ''.  It's empty, so what this instructs
Python is to do nothing at all.

The second command in this shell script is "rm -rf /".  I assume you
know what that would do.

The third command is "oops.py > /path/to/some/tempfile".  The fact
that oops.py does not exist is not important, because the attacker
does not care what this command does.  The payload of the attack was
already delivered in the second command.  The only reason for this is
because it ends in .py, which is what the web server is looking for
when deciding whether to run a script.  The word "oops" here is just
for levity.



More information about the Python-list mailing list