...
This program searches a database of users for usernames that match a regular expression.
| No Format |
|---|
A non-malicious example would be to search for 'John.*'. A malicious example would be to search for '(?s)John.*' |
| Code Block |
|---|
import java.util.regex.Pattern;
import java.util.regex.Matcher;
public class Test1
{
   public static void main(String[] args)
   {
      if (args.length < 1) {
         System.err.println("Failed to specify a regex");
         return;
      }
      String sensitiveData; //represents sensitive data from a file or something
      //imagine a CSV style database: user,password
      sensitiveData = "JohnPaul,HearsGodsVoice\nJohnJackson,OlympicBobsleder\nJohnMayer,MakesBadMusic\n";
      String regex = args[0];
      regex += ","; //supposedly this forces the regex to only match names
      System.out.println("Pattern: \'" + regex + "\'");
      Pattern p = Pattern.compile(regex, 0);
      Matcher m = p.matcher(sensitiveData);
      while (m.find())
         System.out.println("Found \'" + m.group() + "\'");
      System.err.println("DONE");
   }
}
|
...