Bash: unquoted expression injection¶

root-me challenge: Bash - unquoted expression injection: Bypass this script’s security to recover the validation password.

./somescript "0 -o foo" makes any condition become

test 1234 -eq 0 -o foo

This is the equivalent of 1234 == 0 || "foo" in other languages, with one irrelevant comparison OR’d with the truth value of the string foo.

All non-empty strings are considered to be true, so this expression is always true.