User Controls
java.text.SimpleDateFormat Injection Possible?
-
2016-04-13 at 2:47 AM UTCWould it be possible to inject some kind of string into the function in this small program to take control of the program?
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Scanner;
public class DateIt {
public static void main(String[] args) {
Scanner reader = new Scanner(System.in);
System.out.print("Enter a date: ");
String currentDate = reader.nextLine();
currentDate = aFunction(currentDate);
System.out.println(currentDate);
reader.close();
}
private static String aFunction(String theDate){
Date dateToString = null;
try {
SimpleDateFormat format = new SimpleDateFormat();
format = new SimpleDateFormat("MM/dd/yyyy");
dateToString = format.parse(theDate);
} catch (ParseException e) {
e.printStackTrace();
}
return dateToString.toString();
}
} -
2016-04-13 at 6:40 AM UTCYou'd have to read the source to be sure but it seems unlikely. Buffer overflow attacks shouldn't be possible since array access in the JVM is checked and I can't imagine any good reason for anything to be eval'd (in shitty implementations you might find people evaling numbers instead of using parseInt or whatever but hopefully not in the standard library).
-
2016-04-14 at 12:42 AM UTCYou have to convert the executable you want to inject into an alternate format the browser can parse and then embed it directly into a standalone script in such a way that other active, but benign, elements of the script are able to rebuild the obfuscated executable code back into machine readable executable code into the target's temp file folder and execute it from there in such a way that it calls home with the IP once the trojan opens the server port.
-
2016-04-14 at 3:33 AM UTCFuck off spectroll, as usual what you posted has absolutely nothing to do with OP.
-
2016-04-14 at 3:35 AM UTCAlso nothing screams shitty indian programmer like
try {
...
} catch (Exception e) {
e.printStackTrace();
}
Every time I see this in production code I want to slap a bitch.
-
2016-04-14 at 8 PM UTC
Fuck off spectroll, as usual what you posted has absolutely nothing to do with OP.
You have no real idea what you're dealing with here, son. I'm extremely dangerous when I need to be.
-
2016-04-15 at 4 AM UTCWhatever you think you are, you're a dumbshit right here and now.
-
2016-04-15 at 11:44 AM UTCAnyway guise, i've ben slacking on the programming lately, i have two unfinished projects but one is really tedious boring repetative shit when it comes to the code the other very, hard, for me at least. I've been putting it off in favor of drug binges.
-
2016-04-15 at 1:08 PM UTC
Whatever you think you are, you're a dumbshit right here and now.
The first thing you would do is convert the binary into ASCII text format. ie: $ /usr/bin/exe2hex -x /usr/share/windows-binaries/imatrojan.exe. Now, does that sound like something a "dumbshit" would do? I mean, really.
-
2016-04-15 at 1:17 PM UTC
-
2016-04-15 at 1:43 PM UTC
The first thing you would do is convert the binary into ASCII text format. ie: $ /usr/bin/exe2hex -x /usr/share/windows-binaries/imatrojan.exe. Now, does that sound like something a "dumbshit" would do? I mean, really.
exe2hex is only useful in transferring binaries through a shell. Say you're in a system and wget and curl are commands unavailable because of the permissions, it's over 9000 times easier to echo ASCII than binary data. Once there you restore it, chmod +x, execute and boom root. If you're lucky.
Also no one is talking about injecting executables, SBT wants to inject a string into a part of a function. Where the end goal would be to get the program to do what you want it to do. -
2016-04-15 at 1:45 PM UTC
Also no one is talking about injecting executables, SBT wants to inject a string[ into a part of a function. Where the end goal would be to get the program to do what you want it to do.
Kind of like milking a cow in Milk Lake. I get you.
-
2016-04-15 at 1:51 PM UTC
I get you.
No, you absolutely don't. -
2016-04-15 at 8:36 PM UTC
exe2hex is only useful in transferring binaries through a shell. …
Inline binary transfers can also be accomplished through the use of crafted browser scripts.
-
2016-04-16 at 4:08 AM UTC
Also nothing screams shitty indian programmer like
try {
...
} catch (Exception e) {
e.printStackTrace();
}
Every time I see this in production code I want to slap a bitch.
Normally I would do something else within a catch clause, but this is just a quick program I made specifically for this task/question. I'm the biggest indian.Also no one is talking about injecting executables, SBT wants to inject a string into a part of a function. Where the end goal would be to get the program to do what you want it to do.
Exactly.
Looks like I'll have to look through the source a bit more... -
2016-04-16 at 10:17 PM UTC
The first thing you would do is convert the binary into ASCII text format. ie: $ /usr/bin/exe2hex -x /usr/share/windows-binaries/imatrojan.exe. Now, does that sound like something a "dumbshit" would do? I mean, really.
Yes, it does, especially considering the question in OP you're supposedly responding to. How do you propose to get your giant hex string executed? It's being fed into a date parser, in a language where everything is allocated on the heap and array access is checked. Whatever you feed it, it's not going to get executed, it's just going to throw a parse exception and that'll be the end of it. -
2016-04-17 at 12:54 AM UTC
Yes, it does, especially considering the question in OP you're supposedly responding to. How do you propose to get your giant hex string executed? It's being fed into a date parser, in a language where everything is allocated on the heap and array access is checked. Whatever you feed it, it's not going to get executed, it's just going to throw a parse exception and that'll be the end of it.
Special compiler directive? GCC-Inline-Assembly?
-
2016-04-17 at 3:48 AM UTC
Special compiler directive? GCC-Inline-Assembly?
It's java you dumshit, there is no preprocessor, no compiler directives. -
2016-04-17 at 10:09 AM UTC
It's java you dumshit, there is no preprocessor, no compiler directives.
C'mon, Lanny. You know as well as I that useless, off-topic garbage is totally acceptable in a discussion forum. Remember zoklet? When you snickered and laughed whenever the kidiots shat up a great discussion thread with witty attention-whoring and worthless content? It sure was fun and games then, wasn't it? And now here you are just so serious and all! I suppose it's only when it's a topic you are personally interested in that it really matters, and then things need to get totally serious, but hey... serious discussion is my specialty! No need to thank me now. -
2016-04-17 at 12:49 PM UTC
C'mon, Lanny. You know as well as I that useless, off-topic garbage is totally acceptable in a discussion forum. Remember zoklet? When you snickered and laughed whenever the kidiots shat up a great discussion thread with witty attention-whoring and worthless content? It sure was fun and games then, wasn't it? And now here you are just so serious and all! I suppose it's only when it's a topic you are personally interested in that it really matters, and then things need to get totally serious, but hey… serious discussion is my specialty! No need to thank me now.
