RCE: missing commands
_Issue originally created by user emphazer on date 2017-11-16 07:38:41. Link to original issue: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/961._
dune73 csanders-git lifeforms
I spent some hours and created a list of commands which should be in v3.1. Most of them should be in #837 (932106) and some of them should be in 932100/932105.
What are you thinking? I think that some of them are critical.
alternatives
apachectl
apxs
base64
bcrypt
bind
break
c\+\+
chown
clang\+\+
cmake
composer
convert
declare
dgawk
dig
disown
docker
drush
ethtool
find2perl
gawk
hexdump
httpd
igawk
init
jar
javac
jcmd
jconsole
jcontrol
journalctl
jre
jrunscript
jstat
jstatd
keyctl
keytool
logrotate
lshell
make
man
mkfifo
mknod
mktemp
mock
mongo
mount.fuse
munin-node
mvn
ncdu
nginx
node
parallel
paste
pgawk
php-cgi
php-config
php-fpm
phpize
pifconfig
postgres
psed
psql
puppet
redis-cli
redis-server
resolvconf
rev
rmiregistry
rpmbuild
runcon
runuser
sar
script
stdbuf
semanage
servertool
setcap
shift
smbclient
smbpasswd
snmp
ss
sshfs
strace
systemctl
tac
tcpdump
tshark
yes
Top GitHub Comments
User lifeforms commented on date 2018-05-27 11:53:14:
I would leave `tmp/` and `python` out personally, other than that, a PR with the above changes would be very nice 😉

User emphazer commented on date 2019-03-08 16:27:34:
maybe we should label issues/improvements like this here…