Extended Basic Level 5

[cissou]

Well I'm lost. I just can't see any error or flaw.
Here is how I read the shell :
Line 1 : remove the file called OK
Line 2 : replace eval in the file exec.php with safeeval in a file called tmp, and then creating a file called OK
Line 3 : if a file called OK exists, proceed
Line 4 : remove exec.php ; rename tmp and call it exec.php
Line 5 : end if

I don't have any Unix machine and cannot test the shell, but it should be working, right ? Aside from some quotes that I'd replace with strongs ('), and the -E command that seems useless, that looks legit.
Maybe the -E is a hint that could lead us to think that there is something ELSE to be fixed in the .php file (and indeed, the PHP script seems very odd. If cmd2 is empty, then eval() it ? eval the empty string ??!)

Any hint very welcome

[lia_hmmy]

Well I'm lost. I just can't see any error or flaw.
Here is how I read the shell :
Line 1 : remove the file called OK
Line 2 : replace eval in the file exec.php with safeeval in a file called tmp, and then creating a file called OK
Line 3 : if a file called OK exists, proceed
Line 4 : remove exec.php ; rename tmp and call it exec.php
Line 5 : end if

I don't have any Unix machine and cannot test the shell, but it should be working, right ? Aside from some quotes that I'd replace with strongs ('), and the -E command that seems useless, that looks legit.
Maybe the -E is a hint that could lead us to think that there is something ELSE to be fixed in the .php file (and indeed, the PHP script seems very odd. If cmd2 is empty, then eval() it ? eval the empty string ??!)

Any hint very welcome

Although i'm not very familiar with scripting this is exactly what i think the script does but is it legit??
the wikipedia link of the sed command posted above helped me find the error i suggest would also take a look at it and the syntax of sed -e command..
here's the link again:
http://en.wikipedia.org/wiki/Sed
Hope it helps...

[msbachman]

That eval, safeeval stuff is only one portion of the challenge; helps to understand what's going on but don't forget to consider other potential bugs. The bug is simple, all you need to do is understand what the script is meant to do and it should become obvious. Knowing about sed helps, per lia_hmmy's post.

Maybe an extra nudge could be provided via lia_hmmy or myself if you're still stuck cissou

[gi4c0ph]

I know I will look fussy, but I think there is another error in the logic of the first script: what is the point of evaluating an empty command?

Code: Select all

                if (empty($_GET['cmd2']))
                {
                        eval ($_GET['cmd2']);
                }


should be:

Code: Select all

                if (empty($_GET['cmd2']))
                {
                        eval ($_GET['cmd']);
                }


[rsrvctrl]

There's also a really simple way for Sam to make this script somewhat idiot proof, so that it doesn't mess up php files that were fine in the first place. Just by adding a leading space to eval and saveeval. At first glance thought this the catch, hadn't read the mission message properly

[occamsrzr]

pay attention to the sed string...