Mail Archives: cygwin/2010/12/12/11:44:53

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2010/12/12/11:44:53

X-Recipient: archive-cygwin AT delorie DOT com

X-SWARE-Spam-Status: No, hits=-2.0 required=5.0 tests=AWL,BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,T_TO_NO_BRKTS_FREEMAIL

X-Spam-Check-By: sourceware.org

MIME-Version: 1.0

Reply-To: noloader AT gmail DOT com

Date: Sun, 12 Dec 2010 11:44:35 -0500

Message-ID: <AANLkTinEUUU+T4YjLH0HFDoXJAvFt6R-6Q_GqhkvXFuy@mail.gmail.com>

Subject: Re: Suspicious EXE named "[.exe" in c:\cygwin\bin?

From: Jeffrey Walton <noloader AT gmail DOT com>

To: cygwin AT cygwin DOT com

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

BTW, Since the web interface tried to interpret my input ("Invalid
regular expression search string"), this database is probably
vulnerable to a SQL injection.

GNU just got pwn'd

Has anyone tried thew 1 =1 trick lately? Are passwords residing in
another table?

Jeff

Am 12.12.2010 12:29, schrieb Jeffrey Walton:
> Hi Guys,
>
> The executable name is suspicious at best. Attempting to search

On the contrary, it's a standard utility mentioned in IEEE Std 1003.1.

> http://cygwin.com/packages/ results in an error "Invalid regular
> expression search string: `[.exe`". Quotes, double quotes, and back
> ticks do not help during the search.

Problem of the web interface.

> What is this program supposed to do?

The same as "test", except that "[" will expect and consume the closing bracket.
 Used in scripting with shells that don't have [ built-in.

Details with "man test" ("man [" is missing on my Cygwin system), or in bash
with "help [".

-- 
Matthias Andree

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status:	No, hits=-2.0 required=5.0 tests=AWL,BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,T_TO_NO_BRKTS_FREEMAIL
X-Spam-Check-By:	sourceware.org
MIME-Version:	1.0
Reply-To:	noloader AT gmail DOT com
Date:	Sun, 12 Dec 2010 11:44:35 -0500
Message-ID:	<AANLkTinEUUU+T4YjLH0HFDoXJAvFt6R-6Q_GqhkvXFuy@mail.gmail.com>
Subject:	Re: Suspicious EXE named "[.exe" in c:\cygwin\bin?
From:	Jeffrey Walton <noloader AT gmail DOT com>
To:	cygwin AT cygwin DOT com
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com