handbook/tools/3.Web-Hacking/4.Injection/OS-Commands/Notes/4.Prevent-OS-Command-Injection-Attacks.md at ef6197093401c7bdd55cf98162b07e9b5c8f203a - x/handbook - Coding everything, everywhere, anytime.

x/handbook

Anton Nesterov af9011411c

vault backup: 2024-08-31 01:07:21

2024-08-31 01:07:22 +02:00

253 B

Raw Blame History

Prevent OS Command Injection Attacks

Never call out OS commands from application-layer code
If unavoidable, do the following:
- Validate against a whitelist of permitted values
- Validate that the input is a number
- Validate that th`