All Questions

3 questions

5votes

3answers

1kviews

Are these bash lines (handling untrusted user input) vulnerable to command injection?

If $1 contains untrusted user input for example $(whoami). Are any of the following bash examples vulnerable to command injection? I'm having issues clearly understanding this behavior in Bash. Also, ...

Bob Ortiz

7,657

asked Nov 16, 2024 at 21:37

2votes

2answers

3kviews

Are positional parameters vulnerable to command injection?

I am trying to find if the following shell script is vulnerable to command injection #!/bin/sh set -x dig +noall +answer TXT $2._domainkey.$1 Now when I try something like this, sh script.sh "...

Krishnaraj

asked Feb 27, 2021 at 18:43

3votes

2answers

701views

Are alphanumeric strings safe to pass to a bash script?

I'm currently developing a web service that takes user input and passes it to a bash script as an argument. I know that without sanitizing this allows for remote command execution. So I want to know ...

limeeattack

asked Nov 20, 2019 at 12:16

Stack Exchange Network

All Questions

Are these bash lines (handling untrusted user input) vulnerable to command injection?

Are positional parameters vulnerable to command injection?

Are alphanumeric strings safe to pass to a bash script?

Hot Network Questions

All Questions

Related Tags