trung0407

Code injection

trung0407

You can inject simple code into an AutoIt program. For example:

Global $var, $var2=5
$var = InputBox("","")
Execute($var)

So at the inputbox, if I type: MsgBox(0,"title", $var2)

then type ok, I'll have a msgbox that shows the value of $var2, which is 5.

This is a way to hack a program if you know the name of any variables used.

Example 2

Global $var, $var2=5
$var = InputBox("","")
Execute($var)
MsgBox(0, "",$var2)

Now, normally, at the end, this script will show a msgbox with the value of $var2, which is 5.

But if I enter in the inputbox this: Assign("var2", 10)

then my final result of $var2 is 10

Xand3r

That's so cool ... I had no idea you could pass functions to Execute :)


SkellySoul

#include <String.au3>
MsgBox(0 , "Hello " & @UserName, "You can inject simple code into an autoit program.")

$Input = InputBox("0 Rly" , "Test" , "Hello " & @UserName & " Sending Code to be injected!")
MsgBox(16 , @IPAddress1 , $Input)

ConsoleWrite(_StringEncrypt(0 , "16D1C1FDE51B4B3A511EB53FA6E1A5A781950D0E05A3948D4E23A3E755B5A81F0E0769AD6F08AFD75AF1C41137F61D2D4061C715D6F17C199BF6882B949DED57E70F1EC6927915A97FEF7AD53022A668CFF4724F69CBA5D1719F9D0B54DDD0C608697571447F72BFABC37CF4D84F215B89D93434B1BF067AD97A0E6C2DA966CBA3A454AC3FBD55200A52A08CC5992AEE366309445DF6DD43DC719170FBF0749035AE3518028F" , "Love"))

:) I am going to bed now...

I am only joking

4chan got the best of me tonight

trung0407

I show you this to let you know the security hole of the function Execute. Not trying to encourage hacking or anything :)

Jos

I show you this to let you know the security hole of the function Execute. Not trying to encourage hacking or anything :)

There is no security hole in Execute, since it's by design done by the programmer coding the script.

This is not code injection in the true sense, but flexibility allowed by the programmer of the script.

Jos :)

Malkey

Here is another example of using Execute() on its string parameter.

;
#include <Date.au3>

MsgBox(0, "Add day & replace numeric month", Execute(StringRegExpReplace(_Now(), "(\d{1,2})/(\d{1,2})/(\d{4})(.*)", _
        '_DateDayOfWeek(_DateToDayOfWeek ("\3","\2","\1")) & ", \1 "  & _DateToMonth("\2") & ", \3 @\4"')))
;

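Following on from the thread: the risk sits in what the script author chooses to pass to Execute(). The block below is an added example, not code from any poster here, that checks an InputBox-style string against an arithmetic-only allowlist before evaluating it. The function name `_SafeCalc`, the allowed character set and the sample inputs are assumptions made for this sketch.

```autoit
; Added example: allowlist check in front of Execute() (not code from the thread).
; _SafeCalc and the allowed character set are assumptions for this sketch.

Global $var2 = 5

; Returns the numeric result. On rejected input sets @error = 1, on
; malformed arithmetic sets @error = 2; both cases return "".
Func _SafeCalc($sExpr)
    $sExpr = StringStripWS($sExpr, 3) ; trim leading and trailing whitespace
    ; Only digits, decimal point, + - * / ^, parentheses and spaces.
    ; No letters, no "$", no "@", no quotes, no commas, so function names
    ; (MsgBox, Assign), variables and macros cannot reach Execute().
    If Not StringRegExp($sExpr, '^[0-9.+\-*/^() ]+$') Then Return SetError(1, 0, "")
    Local $vResult = Execute($sExpr)
    If @error Then Return SetError(2, 0, "") ; e.g. unbalanced parentheses
    Return $vResult
EndFunc

; Constructed sample inputs: one legitimate, two taken from the first post.
Local $aInputs[3] = ['(2 + 3) * 4', 'MsgBox(0,"title", $var2)', 'Assign("var2", 10)']
For $i = 0 To UBound($aInputs) - 1
    Local $vOut = _SafeCalc($aInputs[$i])
    If @error Then
        ConsoleWrite("rejected: " & $aInputs[$i] & @CRLF)
    Else
        ConsoleWrite("result:   " & $vOut & @CRLF)
    EndIf
Next

; The Assign() input never ran, so the script's own state is unchanged.
ConsoleWrite("$var2 is still " & $var2 & @CRLF)
```

If the script only needs to let a user pick one of a few actions, a Switch on the input string avoids Execute() entirely.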