Command Injection
system("TZ=`whoami` date")
>>>>>>>>>>>>>>>this leads to these system calls
execve("/bin/sh", ["sh", "-c", "TZ=`whoami` date"], {...})
execve("/usr/bin/whoami", ["whoami"], {...})Backticks make the shell run the input and replace the result within the place of backticks
system("TZ=; whoami # date")
execve("/bin/sh", ["sh", "-c", "TZ=; whoami # date"], {...})
execve("/usr/bin/whoami", ["whoami"], {...})pound # sighn makes the rest of the command comment out.
Last updated