Differences between revisions 4 and 10 (spanning 6 versions)
Revision 4 as of 2010-12-26 13:45:14
Size: 2462
Editor: Lhunath
Comment: Silent EOF on read
Revision 10 as of 2011-12-06 23:03:26
Size: 5048
Editor: ormaaj
Comment: obfuscated subshell bomb
Deletions are marked like this. Additions are marked like this.
Line 9: Line 9:
This page exists purely for academic purposes. Do not use code like this in shell scripts. This page exists purely for academic purposes. '''Do not use code like this in shell scripts.'''
Line 15: Line 15:
Add snippets here that are innocent, entertaining or just do nothing at all. The snippets in this part, unlike the one under "Risky", are innocent, entertaining or just do nothing at all.
Line 23: Line 23:
}}}

=== Pointless exercise in escaping ===

The following code changes the input string "`< - >`" into "`<- ->`".

{{{
\t\r \\\-\ \ \\\- <<< \<\ \-\ \>
}}}

=== Functions and Compound Commands ===

A function to do nothing at all, instantly killed off along with its parent sub-shell.

{{{
(:() (:))
}}}

=== Is it a keyword? a function? a variable? ===

{{{
#not useful at all...in bash
function for { echo $1 ;};for for in for;do \for $for;done
}}}

=== Obfuscated awk ===

{{{
# squeeze the newlines into one (like tr -s '\n'), assumes a bourne shell
printf "%s\n" foo '' '' bar | awk $$${$+ RS=}
#another version, requires bash, ksh or zsh
awk {newlines,RS}={12,}
}}}

=== Obfuscated sed ===
{{{
#remove all occurences of foo, with gnu sed
echo "foo bar foo" | sed ':;;\;foo;s;;;;t;'
}}}

=== cut with join ===
{{{
#cut the first field a string separated by : (like cut -d: -f1)
echo foo:moo | join -t : -v1 -o 1.1 - /dev/null
Line 34: Line 78:
=== Varying input ===

Pointlessly exploit the -t test to print two alternating strings by taking a different branch depending on how the number of remaining strings to print is passed into f. Also demonstrate use of FUNCNEST as a "safety catch" in bash 4.2 for playing with the below "risky" snippets as well as debugging possibly non-terminating recursive functions (slightly easier to use than limits).

{{{
herpderps(){
    f () if [[ -t 0 ]]; then printf 'herp '; (($1)) && f <<< $(($1-1)); else read -r x; printf 'derp '; ((x--)) && f $x <&1; fi
    ((FUNCNEST=$1+2))
    local -i x
    f $1
    printf 'durr\n'
}

herpderps 5 # prints "herp derp herp derp herp derp durr"
}}}
Line 37: Line 96:
Add snippets here that may be intrusive, dangerous or damaging when executed. Add snippets here that may be intrusive, '''dangerous''' or damaging when executed.
Line 58: Line 117:

A nicely camouflaged subshell bomb designed to be hard to parse by avoiding whitespace, obvious list delimiters (;), and characters other than parentheses, pipes, and brackets. It's slightly less deadly than the forkbomb but grows just as fast. Unfortunately requires some special options and works only in bash 4.2 or later due to the required lastpipe and unchecked illegal function names that are caught by Ksh.

{{{
shopt -s lastpipe; set -o pipefail

((())|[()(]|[)||(())|]()([|])||])

# ((())|]()(]|])||]) # alternate
}}}

Fun way to reverse-engineer this. The call chain prints a pretty pattern. Should be safe to run:

{{{
# optionally set -x and remove the trap.
$ shopt -s lastpipe; set -To pipefail; FUNCNEST=8; { trap 'echo "${FUNCNAME[*]}" >&3' RETURN; BASH_XTRACEFD=3; ((())|[()(]|[)||(())|]()([|])||]); } 2>/dev/null 3>&1
}}}

Bash Toys

Introduction

For the sake of triviality and pointless uniquity, this page provides a collection of snippets that are syntactically correct but look unique, odd and often have no apparent useful purpose whatsoever.

This page exists purely for academic purposes. Do not use code like this in shell scripts.

Feel free to add your own.

Innocent

The snippets in this part, unlike the one under "Risky", are innocent, entertaining or just do nothing at all.

Pointless exercise in operators

The following burp of bash operators defines a function named _ which truncates a temporary pipe which contains the output of the no-op : command that yields no output; and then runs it. The result: Nothing whatsoever.

_(){ > >(:);};_

Pointless exercise in escaping

The following code changes the input string "< - >" into "<- ->".

\t\r \\\-\  \ \\\- <<< \<\ \-\ \>

Functions and Compound Commands

A function to do nothing at all, instantly killed off along with its parent sub-shell.

(:() (:))

Is it a keyword? a function? a variable?

#not useful at all...in bash
function for { echo $1 ;};for for in for;do \for $for;done

Obfuscated awk

# squeeze the newlines into one (like tr -s '\n'), assumes a bourne shell
printf "%s\n" foo  ''  '' bar | awk $$${$+ RS=}
#another version, requires bash, ksh or zsh
awk {newlines,RS}={12,}

Obfuscated sed

#remove all occurences of foo, with gnu sed
echo "foo bar foo" | sed  ':;;\;foo;s;;;;t;'

cut with join

#cut the first field a  string separated by : (like cut -d: -f1)
echo foo:moo | join -t :  -v1 -o 1.1  - /dev/null

Silently open an "empty" FD when a file does not exist

Say you want to run a command that reads from a file, but you don't want your bash statement to error out when the file doesn't exist. Instead, you just want to run the command and should it try to read from standard input, send it an EOF immediately. Here's a way to do that really concisely:

command < file # Errors when file does not exist.
command < <({<file;} 2>&-) # Opens an FD either to the file or one that does an EOF on read.

Varying input

Pointlessly exploit the -t test to print two alternating strings by taking a different branch depending on how the number of remaining strings to print is passed into f. Also demonstrate use of FUNCNEST as a "safety catch" in bash 4.2 for playing with the below "risky" snippets as well as debugging possibly non-terminating recursive functions (slightly easier to use than limits).

herpderps(){
    f () if [[ -t 0 ]]; then printf 'herp '; (($1)) && f <<< $(($1-1)); else read -r x; printf 'derp '; ((x--)) && f $x <&1; fi
    ((FUNCNEST=$1+2))
    local -i x
    f $1
    printf 'durr\n'
}

herpderps 5 # prints "herp derp herp derp herp derp durr"

Risky

Add snippets here that may be intrusive, dangerous or damaging when executed.

Do not run any of these snippets in your shell without fully understanding them, solely at your own risk!

And don't act like a 12 year old by passing these snippets to ignorant or unwitting people either.

Recursive exercise in operators

This creates a function named _ which truncates the temporary pipe that bash creates to contain the output of a new execution of the same function. The result is a recursively executing bash function. Since the recursion happens through an asynchronous process (which is how >(..) works), this one is slightly annoying to stop. Not quite as paralyzing as the Fork Bomb, though.

_(){ > >(_);};_

Fork Bomb

What this does is create a function named : which calls itself recursively. Twice. In the background. Since the function keeps calling itself over and over (forking new processes), forever, this quickly consumes a lot of system resources. This can be very destructive for a system where no resource limits are in effect.

:(){ :|:&};:

A nicely camouflaged subshell bomb designed to be hard to parse by avoiding whitespace, obvious list delimiters (;), and characters other than parentheses, pipes, and brackets. It's slightly less deadly than the forkbomb but grows just as fast. Unfortunately requires some special options and works only in bash 4.2 or later due to the required lastpipe and unchecked illegal function names that are caught by Ksh.

shopt -s lastpipe; set -o pipefail

((())|[()(]|[)||(())|]()([|])||])

# ((())|]()(]|])||]) # alternate

Fun way to reverse-engineer this. The call chain prints a pretty pattern. Should be safe to run:

# optionally set -x and remove the trap.
$ shopt -s lastpipe; set -To pipefail; FUNCNEST=8; { trap 'echo "${FUNCNAME[*]}" >&3' RETURN; BASH_XTRACEFD=3; ((())|[()(]|[)||(())|]()([|])||]); } 2>/dev/null 3>&1

Toys (last edited 2015-06-01 16:42:52 by geirha)