killchain-compendium/Exploits/Linux/Bash.md

# Bash Exploit Possibilities

## Eval


## Test

Test includes `-eq`. It can be used to execute code which is evaluated before the comparison. [Vidarholen](https://www.vidarholen.net/contents/blog/?p=716) show examples on how to do it.
An example is the following
```sh
num=a[$(date >&2)]+42
```

`date` get executed and the test `[[ $num -eq 42 ]]` gets evaluated to true
bump 2023-03-25 15:31:51 +01:00			`# Bash Exploit Possibilities`

			`## Eval`


			`## Test`

			Test includes `-eq`. It can be used to execute code which is evaluated before the comparison. [Vidarholen](https://www.vidarholen.net/contents/blog/?p=716) show examples on how to do it.
			`An example is the following`
			```sh
			`num=a[$(date >&2)]+42`
			```

			`date` get executed and the test `[[ $num -eq 42 ]]` gets evaluated to true