this post was submitted on 10 Apr 2024
26 points (96.4% liked)

Security

522 readers
6 users here now

A community for discussion about cybersecurity, hacking, cybersecurity news, exploits, bounties etc.

Rules :

  1. All instance-wide rules apply.
  2. Keep it totally legal.
  3. Remember the human, be civil.
  4. Be helpful, don't be rude.

Icon base by Delapouite under CC BY 3.0 with modifications to add a gradient

founded 1 year ago
MODERATORS
[email protected]
26
BatBadBut: You can't securely execute commands on Windows (flatt.tech)
submitted 7 months ago by testeronious to c/[email protected]
15 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 7 months ago

take in user sourced input without any sanitization

But that’s exactly the problem: these applications were sanitizing the input using the APIs provided by their language standard libraries. Except that sanitization proved insufficient because the requirements for sanitization differ greatly when the command is interpreted by cmd.exe as opposed to running regular executables. This is such a big footgun in the Windows API that it was overlooked by seemingly every major programming language implementation out there.