BatBadBut, command injection on Windows
madires:
BatBadBut: You can't securely execute commands on Windows: https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/
--- Quote ---The BatBadBut is a vulnerability that allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied.
--- End quote ---
ejeffrey:
This requires that you pass raw user input on the command line to CreateProcess and the executable resolved to a batch file. That should be relatively rare. Still it's annoying the way command line expansion works in Windows. You have to know whether the target of CreateProcess is a binary or script to decide whether you should escape the arguments or not. Running scripts like this on Unix systems is also a potential source of problems, but at least execve works relatively predictably.
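The point ejeffrey makes, that the caller has to know what name resolution will pick before it can decide how to treat the arguments, is easy to demonstrate. The following is an added example written for this thread, not code from the BatBadBut write-up or from any of the affected runtimes. It approximates the PATH/PATHEXT lookup CreateProcess performs for a bare command name, classifies the result as a native executable or a batch script, and refuses to hand untrusted arguments to a batch script when they contain characters cmd.exe would re-interpret. The metacharacter set, the directory layout and the argument value are constructed for the example; the lookup is a simplification of the real Windows search order.

```python
import os
import tempfile

# Extensions that CreateProcess cannot run directly: for these Windows starts
# cmd.exe /c and cmd.exe re-parses the whole command line, which is where the
# BatBadBut injection happens.
BATCH_EXTENSIONS = frozenset({".bat", ".cmd"})

# Characters cmd.exe treats specially while re-parsing a batch file's arguments.
# Constructed, conservative set for this example; a real policy would allowlist
# the characters an argument may contain instead.
CMD_METACHARACTERS = frozenset('&|<>^%!"\r\n')

# Suffix order CreateProcess tries for an extensionless name (simplified PATHEXT).
DEFAULT_PATHEXT = (".com", ".exe", ".bat", ".cmd")


def resolve_target(command, search_path, pathext=DEFAULT_PATHEXT):
    """Return the first file matching `command` along `search_path`, or None.

    Each directory is tried in order and, for an extensionless name, each
    PATHEXT suffix in order. The caller cannot know whether "tool" becomes
    tool.exe or tool.bat without doing exactly this lookup first.
    """
    has_ext = os.path.splitext(command)[1] != ""
    candidates = [command] if has_ext else [command + ext for ext in pathext]
    for directory in search_path:
        for name in candidates:
            full = os.path.join(directory, name)
            if os.path.isfile(full):
                return full
    return None


def is_batch_file(path):
    """True when the resolved target would be executed via cmd.exe."""
    return os.path.splitext(path)[1].lower() in BATCH_EXTENSIONS


def check_args_for_target(target, args):
    """Decide whether `args` may be passed to `target` unmodified.

    Returns (ok, reason). Native executables receive the argument vector as-is;
    batch scripts are refused any argument containing cmd.exe metacharacters.
    """
    if target is None:
        return False, "target not found on search path"
    if not is_batch_file(target):
        return True, "native executable: no cmd.exe re-parsing of arguments"
    for arg in args:
        bad = sorted(set(arg) & CMD_METACHARACTERS)
        if bad:
            return False, "batch target %s: argument contains cmd metacharacters %s" % (
                os.path.basename(target), bad)
    return True, "batch target, arguments contain no cmd metacharacters"


def demo():
    """Same command name, same untrusted argument, two search-path orders.

    Builds a constructed layout with bin/tool.exe and scripts/tool.bat (empty
    files are enough for the lookup) and returns the verdict for each order.
    """
    untrusted = "data&extra"  # constructed value carrying one cmd metacharacter
    with tempfile.TemporaryDirectory() as root:
        bin_dir = os.path.join(root, "bin")
        scripts_dir = os.path.join(root, "scripts")
        os.makedirs(bin_dir)
        os.makedirs(scripts_dir)
        open(os.path.join(bin_dir, "tool.exe"), "w").close()
        open(os.path.join(scripts_dir, "tool.bat"), "w").close()

        exe_first = resolve_target("tool", [bin_dir, scripts_dir])
        bat_first = resolve_target("tool", [scripts_dir, bin_dir])
        return {
            "exe_first": check_args_for_target(exe_first, [untrusted]),
            "bat_first": check_args_for_target(bat_first, [untrusted]),
            "bat_clean": check_args_for_target(bat_first, ["plain-value"]),
        }


if __name__ == "__main__":
    for order, (ok, reason) in demo().items():
        print(order, "->", "allow" if ok else "refuse", "|", reason)
```

The verdict flips purely on which directory comes first on the search path, which is why a library cannot decide to escape or not without resolving the target itself. Refusing the call is the simplest safe policy; a library that must support batch targets has to apply cmd.exe's own quoting rules instead, and those are not the same as the rules for native executables.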