#perl
13 November 2007
Total 35 pages. You are browsing page 4/35.
First :: Prev :: [...] [2] [3] [4] [5] [6] [...] :: Next :: Last
02:43 <****> GionnyBoss: they buffer will be flushed on close
02:44 <****> GionnyBoss: you can also force it to flush after every print if you want, by setting $| = 1
02:44 <****> fwiles: ok thanks. And how long is this buffer? I guess that it will automatically flushed when it is full, right?
02:45 <****> setting $| = 1 will auto-flush STDOUT. need to select the fh first.
02:45 <****> anno-: good catch
02:46 <****>autoflush;
02:46 <****> right
02:46 <****> Yay for simple and obvious code, not having to fiddle with one-arg select() or $!
02:46 <****> Or $| if I can type
02:46 <****> Which, arguablly, proves the point :)
02:46 <****> Hi all, please recommand some blog system written by perl.
02:47 <****> what should perl write, the blogs, or the system?
02:47 <****> blog
02:47 <****> Just use GumbyBRAIN :)
02:47 <****> :)
02:47 <****> GumbyBRAIN, what boring triviallities did you perform today?
02:47 <****> on what planet are you today.
03:02 * Khisanth slaps dwu with an abalone
03:04 * CPAN rating: DBICx-Deploy rated 4 stars by Ashley Pond V
03:05 <****>) and I need to know how to pipe into a directory listing
03:06 <****> Cusoon959, that challenge is so easy you have to barely google.
03:06 <****> yeah
03:06 <****> I know
03:06 <****> and
03:06 <****> is ls the command?
03:06 <****> I'm just wondering about the command itself
03:06 <****> Cusoon959, google for "man ls"
03:07 <****> i know how to use ls
03:07 <****> So use it.
03:07 <****> The script is already vulnerable.
03:07 <****> I was just wondering if that was the correct command...because it's not working
03:07 <****> haha
03:08 <****> In any way, this is a channel to help people learning perl. Not with some ridiculously easy HTS challenge.
03:09 <****> heh, my question was about piping in general
03:09 <****> You don't have to pipe anything for that challenge.
03:09 <****> perldoc -f qx
03:09 <****> what is the syntax for: while( @something = something() ){
03:09 <****> Will describe why their script is vulnerable.
03:09 <****> uh, that's the syntax, prakriti
03:09 <****> well
03:10 <****> when something() returns 0 the loop doesnt stop
03:10 <****> true, because scalar (0) is 1
03:10 <****> prakriti, if it return 0 then @something has one element.
03:10 <****> it will stop when something() returns nothing
03:10 <****> return undef instead
03:10 <****> ok... ]
03:10 <****> thanks
03:10 <****> undef won't help either
03:10 <****> erm, return empty list. Undef will still push one element into the array
03:10 <****> yeah
03:11 <****> undef doesnt work
03:11 <****> but return; does
03:11 <****> return;
03:11 <****> ah i see
03:42 <****> page.pl?page=main | ls
03:42 <****> Why doesn't that work
03:42 <****> it should...
03:42 <****> because you are doing it wrong
03:42 <****> do you have a program called page.pl?page=main?
03:42 <****> it's on a webserver
03:43 <****> url/page.pl
03:43 <****> Cusoon959, think outside the box. You don't need a page, you need a listing. You don
03:43 <****> what do you mean by "on"?
03:43 <****> hosted
03:43 <****> Don't need any piping, I told you already
03:43 <****> mauke, he's doing HTS challenge.
03:43 <****> page.pl?ls
03:43 <****> Cusoon959: so you're trying to run a URL as if it were a program, and are surprised it doesn't work?
03:43 <****> no
03:43 <****> I'm trying to get the output of ls
03:43 <****> use opendir and readdir
03:44 <****> how?
03:44 <****> Cusoon959, Why do you want me to give you the answer? You don't want main page, you want a listing. How thick can you get?
03:44 <****> perldoc -f opendir, perldoc -f readdir
03:44 <****> Somni, he doesn't need that. He's not actually trying to learn Perl.
03:44 <****> Zoffix, the only way to get the listing would be to somehow manipulate the perl script
03:44 <****> Cusoon959, wrong.
03:45 <****> ...
03:45 <****> Zoffix: then the quickest way to get him to stop is to tell him to RTFM, and point him to enough of them that he either reads them or realizes that he can't learn Perl from IRC
03:45 <****> how is that wrong, Zoffix
03:45 <****> There is NO other way to get a listing
03:46 <****> it's silly to use ls in Perl
03:46 <****> ok, how would I get a listing then?
03:46 <****> I just told you
03:46 <****> Somni, he's doing HTS challenge. heh :) And he ain't very bright
03:46 <****> HTS?
03:46 <****> heh, I've finished it before, actually
03:46 <****> lol...
03:47 <****>
03:47 <****> Cusoon959, you don't need to manipulate the script. There is a vulnerability that allows random shell code execution. View the script source. You only need to manipulate the URI in a smart way. I think it's pretty obvious what you could try first, even without knowing Perl or reading that script's source ( and yes you can view it)
03:47 <****> luke-jr, http://hackthissite.org
03:47 <****> or .com
03:47 <****> How could I view the source?
03:47 <****> hmm...
03:47 <****> Cusoon959, think?
03:48 <****> it only allows execution
03:48 <****> Cusoon959, look at the URI.
03:48 <****> yes, I see the URI
03:48 <****> I have used function which was written by someone else. This function returns a array. Is there a way to find out some info about this array?
03:48 <****> Cusoon959, so, does it ring any bells?
Total 35 pages. You are browsing page 4/35.
First :: Prev :: [...] [2] [3] [4] [5] [6] [...] :: Next :: Last