Bug or unwanted behaviour in echo ?
David Wolfskill
david at catwhisker.org
Thu Jan 8 05:49:17 PST 2009
On Thu, Jan 08, 2009 at 01:37:06PM +0100, Damien Fleuriot wrote:
> ...
> I was toying around with a site that proposed to hash passwords to
> MD5, and comparing results with my host running FreeBSD 7.0-STABLE
>
> At some point I didn't get the same hash from the website and from BSD.
>
> On BSD:
> echo -n "test'$@" | md5
> 5c28a8c6d799d302f3ef53afefdfc81b
>
> On website:
> f883cdacbb478c241c51da1f67fbe9bf
>
> After swapping characters around I realized that echo just interprets
> $@ (which in our case is null).
Errr... no, I think you will find that what echo saw was actually
a string whose md5 hash was "5c28a8c6d799d302f3ef53afefdfc81b".
The "$@" was seen as a token by the shell, its value interpolated,
and passed along to echo (which may well have been a shell builtin
in any case, depending on what shell you were using).
That's what escaping the "$" worked.
> ...
Peace,
david
--
David H. Wolfskill david at catwhisker.org
Depriving a girl or boy of an opportunity for education is evil.
See http://www.catwhisker.org/~david/publickey.gpg for my public key.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20090108/45f4348a/attachment.pgp
More information about the freebsd-current
mailing list