|
|||||||||
|
|||||||||
| |||||||||
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
Stay one step ahead of the competition. Evaluate and give feedback
on some of the hottest web development tools on the market today.
Make your opinion heard! Click
Here
|
|
#16
April 29th, 2008, 12:56 PM
|
||||
|
||||
|
Uh, system() requires the null. Removing it would mess everything up.
Are you trying to plunk the variable name into the string that you're passing to system? If so, then what do you think that you're trying to accomplish? Despite perl's C'ishness, C isn't perl -- you don't insert a variable's value simply by plopping it into a double-quoted string (BTW, single quotes vs double quotes is an entirely different kind of issue in C than in perl and shell scripting). system() receives a single string. Period. If you need to insert variable values into that string, then you need to do that as you build the string before making the system call. For example: Code:
sprintf(mail_str,"mail %s",email);
system(mail_str);
or Code:
strcpy(mail_str,"mail ");
strcat(mail_str, email);
system(mail_str);
Last edited by dwise1_aol : April 29th, 2008 at 01:01 PM.
|
|
#17
April 29th, 2008, 01:01 PM
|
||||
|
||||
|
@AnarCom: Your problem is that the command,
system ("mail email"); results in a command of mail email. In other words, the email variable is not expanded into the actual address. It's just the word, email. Build your command, then pass it to system. Something like this: Code:
cmd = "mail "; strcpy (cmd, email); system (cmd);
__________________
C/C++ pointers (Original in the "Commonly Asked Questions" thread).
|
|
#18
April 29th, 2008, 01:27 PM
|
||||
|
||||
|
You're correct, of course, dwise; that should have been strcpy followed by strcat.
|
|
#19
April 29th, 2008, 02:33 PM
|
||||
|
||||
|
Quote:
|
|
#20
April 30th, 2008, 10:00 AM
|
|||
|
|||
|
Well, thank you all for the help!
The following works for me: Code:
strcpy(mail_str,"mail ");
strcat(mail_str, email);
system(mail_str);
I also understood the way system() works and the way strings are read. Quote:
Relax, I thought the problem was with the null. I wasn't borned with integrated C & UNIX white bible...
|
|
#22
May 4th, 2008, 03:47 PM
|
|||
|
|||
|
Quote:
Replacing it with an 'A' wont work, it really isn't that simple.
|
|
#23
May 4th, 2008, 08:23 PM
|
||||
|
||||
|
Quote:
Then an explanation is in order. Starting with a description of what you mean by "shellcoding".
|
|
#24
May 4th, 2008, 09:18 PM
|
||||
|
||||
|
Actually, he's got it a little mixed up. A shellcode exploit that is designed to be introduced as a string must have no nulls other than at the end. Otherwise the injection would be terminated early. An instruction that carried a literal zero as an operand would be one example. Alternative instructions that create the zero would be required. That's about all I'm willing to say on the subject of shellcode in the forum. Script kiddies can hang in crackerz forums.
|
|
#25
May 5th, 2008, 02:12 PM
|
|||
|
|||
|
Quote:
FYI, shellcoding is about as far from being a "script kiddie" as you can possibly get. Show me a script kiddie that can shellcode, and I'll give you my brand new Asus eee 900. Anyway........That was my 1 cent.
|
|
#27
May 14th, 2008, 04:18 PM
|
||||
|
||||
|
Quote:
|
|
#28
May 14th, 2008, 06:08 PM
|
||||
|
||||
|
Clifford is a REAL contributor. The number is small. You won't need more than two hands, I don't think, to count them. Perhaps you should get real. Get off the sugar-tit. Sheesh.
|
|
#29 |
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
