
Talk:Command Injection

Revision as of 17:14, 30 June 2015 by Dirk Wetter (talk | contribs) (Created page with " The examples 1 through 3 and 5 are kind of old and redundant. I would advise rather * adding one more web application specific vulnerability and put them on the top * add...")


The examples 1 through 3 and 5 are kind of old and redundant.

I would advise rather

  • adding one more web-application-specific vulnerability and putting them at the top
  • adding Shellshock
  • for C-oldfart stuff I would at least replace ls -l by rm -rf /
  • I would restrict it to ONE example in C. It's not very often nowadays that somebody has written a SUID/SGID wrapper. This is more a school example than of practical use.