About  Project Blog Resources

Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Back To The Future: Unix Wildcards Gone Wild- 52

Leon JuranicPosted 6 Years Ago
  • Wildcards are a way to use 1 or more characters to grab 0 or more characters. This sounds complicated but it is essentially a really powerful autocomplete feature.
  • Here are the possible wildcards:
    • *: Matchs any number of characters, following the previous pattern entered.
    • ?: Matches any single character.
    • [ ]: Matches from a set of characters.
    • -: Used within the brackets to denote a change of characters.
    • ~: Expands to the name of your home directory. If you append another user's login name to the character, it refers to that user's home directory.
  • The asterisk, being a wildcard character, had some weird affects. For instance, when having a file, with the name '-rf', being include in a rm * command, it would append the flag -rf. This would then delete all of the directories within the location.
  • Essentially, unix will view file names as flag for commands. This happens with chown and chmod in this example.
  • Two other examples gave arbitrary command execution: parameter to tar (as a file) and rsync (as a file)
  • Not discussed in this article, but just using wildcards in general can be dangerous in scripts. You never know what you are getting yourself into!

Maxwell DulinEmail me!TwitterGithubAdminBlog RSS FeedResources RSS Feed