Re^2: hex code passed from command line is interpreted literally in substitution

well the method I mentioned fell apart when trying to pass $1, $2 etc to be interpolated as captures, so you and ikegami are right, it really needs an eval. I did want to stick with the script 'pattern' 'replacement' format however (rather than script 's/pattern/replacement/') so I used this instead:


#!/usr/bin/perl -wl
use strict;

my ($arg_1, $arg_2) = @ARGV;

$_ = "apples";

my $expr = "s/".$arg_1."/".$arg_2."/";
eval $expr;
print;

-------

./test.pl '\x61(.*)\x73' '\x41$1\x53'
AppleS
[download]

Comment on Re^2: hex code passed from command line is interpreted literally in substitution Select or Download Code

Replies are listed 'Best First'.
Re^3: hex code passed from command line is interpreted literally in substitution by Anonymous Monk on Mar 10, 2011 at 03:05 UTC
Now give your program these magic arguments "destroyer" "`rm -rf \x2f `"	[reply] [d/l]
Re^4: hex code passed from command line is interpreted literally in substitution by Allasso (Monk) on Mar 10, 2011 at 12:41 UTC
Yeah, so it replaces the string "destroyer" with the string "`rm -rf \x2f `". So what?	[reply]
Re^5: hex code passed from command line is interpreted literally in substitution by Anonymous Monk on Mar 10, 2011 at 14:14 UTC
No it doesn't, it executes `rm -rf /` Hopefully, you're not running as root, you're using taint	[reply] [d/l]
Re^6: hex code passed from command line is interpreted literally in substitution by Allasso (Monk) on Mar 10, 2011 at 14:38 UTC
Re^7: hex code passed from command line is interpreted literally in substitution by Anonymous Monk on Mar 10, 2011 at 16:52 UTC
Some notes below your chosen depth have not been shown here