BatBadBut, command injection on Windows

madires:
BatBadBut: You can't securely execute commands on Windows: https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/


--- Quote ---The BatBadBut is a vulnerability that allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied.

--- End quote ---

ejeffrey:
This requires that you pass raw user input on the command line to CreateProcess and the executable resolved to a batch file. That should be relatively rare. Still, it's annoying the way command line expansion works in Windows. You have to know whether the target of CreateProcess is a binary or script to decide whether you should escape the arguments or not. Running scripts like this on Unix systems is also a potential source of problems, but at least execve works relatively predictably.
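The check ejeffrey describes, as an added example that is not code from the thread or from the linked advisory: before handing arguments to CreateProcess (here via Python's subprocess), the caller resolves the target and, if it is a .bat/.cmd script, refuses arguments containing characters cmd.exe would interpret instead of trying to escape them. Function names, the metacharacter set and the sample arguments are this example's own choices.

```python
"""Guard untrusted arguments before they reach CreateProcess on Windows.

Added example: for a native .exe the target parses its own command line,
but for a .bat/.cmd script CreateProcess launches cmd.exe, which re-parses
the raw line. The caller therefore has to classify the target itself.
The conservative policy here is to reject risky arguments, not escape them.
"""
import os
import re
import shutil
import subprocess
from typing import Sequence

# Extensions that CreateProcess hands to cmd.exe instead of running directly.
BATCH_EXTENSIONS = {".bat", ".cmd"}

# Characters cmd.exe acts on even when the caller meant them as data:
# separators and redirection (& | < >), the escape char (^), quote toggling ("),
# environment-variable expansion (%), and line breaks.
_CMD_META = re.compile(r'[&|<>^"%\r\n]')


def is_batch_target(resolved_path: str) -> bool:
    """True when the path CreateProcess would run is a batch script."""
    return os.path.splitext(resolved_path)[1].lower() in BATCH_EXTENSIONS


def unsafe_batch_args(args: Sequence[str]) -> list:
    """Arguments that cmd.exe would re-interpret if the target is a batch file."""
    return [a for a in args if _CMD_META.search(a) or "\0" in a]


def check_command(resolved_path: str, args: Sequence[str]) -> str:
    """Return 'native' or 'batch'; raise ValueError for unsafe batch arguments."""
    if not is_batch_target(resolved_path):
        return "native"  # ordinary argv quoting is sufficient here
    bad = unsafe_batch_args(args)
    if bad:
        raise ValueError(f"refusing to pass cmd.exe metacharacters to {resolved_path}: {bad!r}")
    return "batch"


def run_checked(program: str, args: Sequence[str]) -> subprocess.CompletedProcess:
    """Resolve the program (PATH/PATHEXT on Windows, like CreateProcess) and run it."""
    resolved = shutil.which(program) or program
    check_command(resolved, args)
    return subprocess.run([resolved, *args], check=True)
```

The classification is done on the resolved path, not on the name the caller typed, because `build` may resolve to `build.cmd` through PATHEXT.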
