tag:blogger.com,1999:blog-732257695511948254.post3416084475748372185..comments2009-09-16T04:47:38.749-07:00Claudio Criscionehttp://www.blogger.com/profile/12202628660778574382noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-732257695511948254.post-27165453826444982802009-09-16T04:47:38.749-07:002009-09-16T04:47:38.749-07:00Nice to see you here!<br />The idea is to inject a fake option (e.g. –-fake) in order to get the usage screen which does not contain strings as “Error”, “login incorrect”, etc. In this case, the username matches the format as well as the “authenticate()” function does not return errors.<br /><br />Cheers,<br />LucaLuca Carettonihttp://www.blogger.com/profile/09957564681262364569noreply@blogger.comtag:blogger.com,1999:blog-732257695511948254.post-3801326048917860582009-09-15T09:47:23.117-07:002009-09-15T09:47:23.117-07:00Great work Luca!! <br />Now it makes sense, the &#39;--&#39; in the username field is causing the command line tool to return with no errors right? I think posting the section of the code calling the command-line tool might provide more insight.Lavakumar Kuppanhttp://www.blogger.com/profile/13649160238198743851noreply@blogger.com