WingNews logo WingNews
top | item 29195592

(no title)

awirth | 4 years ago

Now that I live in Japan, I've come to learn that for Japanese Windows users, seeing the ¥ symbol as a path separator is normal, it isn't a quirk or a bug. In fact, IIRC the copy machine in the closest convenience store shows a ¥ as the path separator when browsing a USB drive, even though I'm almost certain it's not running Windows.

A few years back, I wrote a CTF challenge around this quirk of SHIFT_JIS. It used a python MySQLdb connection set to SHIFT_JIS mode and a custom naïve mysql escape function. The trick was to use a yen symbol and have it get interpreted as an unescaped backslash, leading to a SQL injection. Also it was all over websockets just to be annoying.

There's a few nice writeups from it:

https://www.kernelpicnic.net/2016/03/06/BKPCTF-Wonderland-Go...

https://0day.work/boston-key-party-ctf-2016-writeups/

https://security.szurek.pl/en/boston-key-party-ctf-2016-good... (this one has the original challenge source)

discuss

order

emodendroket|4 years ago

I mean, yeah, it's been that way for decades. Why wouldn't they see it as normal?

thisisnico|4 years ago

We have a Toshiba CNC machine at our shop that enters paths like this on the controller, always wondered why; now I know.

Tagbert|4 years ago

It may be running Windows CE

ensiferum|4 years ago

But you can always just use a different layout for your keyboard. So eve with a keyboard with physical key engravings in Japanese you could just use a US layout.

tom_|4 years ago

The keyboard layout makes no difference; the yen symbol is just what ASCII 92 looks like.

signal11|4 years ago

> seeing the ¥ symbol as a path separator is normal

Also for people working in many Japanese MNCs.