the-web-application-hackers-handbook

Chapter 10: Attacking Back-End Components (p. 360)

Figure 10-2: A successful command injection attack

Example 2: Injecting Via ASP

Consider the following C# code, which is part of a web application for administering a web server. The function allows administrators to view the contents of a requested directory:

    // The user-supplied Directory value is concatenated into a path with no validation.
    string dirName = "C:\\filestore\\" + Directory.Text;
    // The path is then handed to a shell (cmd /c), so shell metacharacters in the input are interpreted.
    ProcessStartInfo psInfo = new ProcessStartInfo("cmd", "/c dir " + dirName);
    ...
    Process proc = Process.Start(psInfo);

When used as intended, this script inserts the value of the user-supplied Directory parameter into a preset command, executes the command, and displays the results, as shown in Figure 10-3.

As with the vulnerable Perl script, an attacker can use shell metacharacters to interfere with the preset command intended by the developer and inject his own command. The ampersand character (&) is used to batch multiple commands. Supplying a filename containing the ampersand character and a second command causes this command to be executed and its results displayed, as shown in Figure 10-4.
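A hardened replacement for the listing above, added here as an illustration and not code from the book: it rejects anything that is not a plain single-segment directory name, canonicalises the path and checks that it still lies inside the assumed C:\filestore\ base, and enumerates the directory through the framework API so no shell is ever spawned. The class name, method name and sample inputs are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Text.RegularExpressions;

// Hypothetical hardened version of the directory-listing function.
public static class SafeDirectoryListing
{
    // Base directory assumed from the book's example.
    private const string BaseDir = @"C:\filestore\";

    // Allow only one conservative path segment: this excludes '&', '|', '\', '/', '.', spaces, etc.
    private static readonly Regex SegmentPattern = new Regex(@"^[A-Za-z0-9_-]{1,64}$");

    // Returns the entries of the requested subdirectory, or throws if the name is rejected.
    public static IEnumerable<string> ListDirectory(string requested)
    {
        if (requested == null || !SegmentPattern.IsMatch(requested))
            throw new ArgumentException("directory name contains disallowed characters");

        // Canonicalise and confirm the resolved path is still under the file store.
        string baseFull = Path.GetFullPath(BaseDir);
        string full = Path.GetFullPath(Path.Combine(baseFull, requested));
        if (!full.StartsWith(baseFull, StringComparison.OrdinalIgnoreCase))
            throw new ArgumentException("directory escapes the file store");

        // No 'cmd /c dir': the framework lists the directory directly, so metacharacters have no meaning.
        return Directory.EnumerateFileSystemEntries(full);
    }

    public static void Main()
    {
        // Constructed sample inputs: a legitimate name and one carrying an injected command.
        foreach (var input in new[] { "reports", "reports & echo injected" })
        {
            try
            {
                Console.WriteLine($"{input}: {string.Join(", ", ListDirectory(input))}");
            }
            catch (ArgumentException ex)
            {
                Console.WriteLine($"{input}: rejected ({ex.Message})");
            }
            catch (IOException ex)
            {
                Console.WriteLine($"{input}: listing failed ({ex.Message})");
            }
        }
    }
}
```

The second input is refused at the validation step before any file-system call, which is the behaviour the original `cmd /c dir` construction lacks.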
