The Web Application Hacker’s Handbook Discovering and Exploiting Security Flaws



Chapter 9: Injecting Code

use various subscriber-based services to obtain advance notification of some known vulnerabilities that have not yet been patched by the vendor, and so can implement appropriate work-around measures in the interim.

Injecting OS Commands

Most web server platforms have evolved to the point where built-in APIs exist to perform practically any required interaction with the server’s operating system. Properly used, these APIs can enable developers to access the file system, interface with other processes, and carry out network communications in a safe manner. Nevertheless, there are many situations where developers elect to use the more heavyweight technique of issuing operating system commands directly to the server. This option can be attractive because of its power and simplicity, and often provides an immediate and functional solution to a particular problem. However, if the application passes user-supplied input to operating system commands, then it may well be vulnerable to command injection, enabling an attacker to submit crafted input that modifies the commands that the developers intended to perform.

The functions commonly used to issue operating system commands, such as exec in PHP and wscript.shell in ASP, do not impose any restriction on the scope of commands that may be performed. Even if a developer intends to use an API to perform a relatively benign task such as listing a directory’s contents, an attacker may be able to subvert it to write arbitrary files or launch other programs. Any injected commands will normally run in the security context of the web server process, which will often be sufficiently powerful for an attacker to compromise the entire server.

Command injection flaws of this kind have arisen in numerous off-the-shelf and custom-built web applications. They have been particularly prevalent within applications that provide an administrative interface to an enterprise server or to devices such as firewalls, printers, and routers. These applications often have particular requirements for operating system interaction that lead developers to use direct commands which incorporate user-supplied data.
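The directory-listing case above, worked through as an added example that is not from the book: the string a naive implementation would hand to a shell is shown beside two safer options, an allow-listed argument vector that no shell ever parses, and the platform API the section recommends in the first place. The allow-list pattern, the `reports` directory and the crafted input are all constructed for this illustration.

```python
import os
import re
import tempfile

# Allow-list for the one value this handler expects: a plain directory name.
# (Constructed policy for this example; tune the pattern to the real input.)
SAFE_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}")


def validate_name(name):
    return SAFE_NAME.fullmatch(name) is not None


def vulnerable_command(name):
    """The string a naive implementation hands to a shell (built here, never run).
    A shell parses it, so metacharacters in `name` change the command itself."""
    return "ls -l " + name


def hardened_argv(base, name):
    """Argument vector for subprocess.run(argv) with the default shell=False:
    `name` travels as one argv element, so no shell interprets it. The value is
    allow-listed first and the resolved path is confined to `base` (catches symlinks)."""
    if not validate_name(name):
        raise ValueError("rejected directory name: %r" % name)
    base = os.path.realpath(base)
    target = os.path.realpath(os.path.join(base, name))
    if os.path.commonpath([base, target]) != base:
        raise ValueError("path escapes base directory")
    return ["ls", "-l", "--", target]


def list_with_api(base, name):
    """Preferred option: the platform API does the job with no command at all."""
    target = hardened_argv(base, name)[-1]  # reuse the same checks
    return sorted(os.listdir(target))


def demo():
    """Constructed scenario: a temporary base directory with one allowed subdirectory."""
    base = tempfile.mkdtemp()
    os.mkdir(os.path.join(base, "reports"))
    open(os.path.join(base, "reports", "q1.txt"), "w").close()
    crafted = "reports; echo injected"  # constructed crafted input
    return {
        "accepts_plain": validate_name("reports"),
        "rejects_crafted": not validate_name(crafted),
        "rejects_traversal": not validate_name("../reports"),
        "naive_string": vulnerable_command(crafted),
        "argv": hardened_argv(base, "reports"),
        "listing": list_with_api(base, "reports"),
    }
```

The naive string shows why the shell metacharacters matter; the argv form never reaches a shell, and the API form never issues a command at all.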



