Questions tagged [code-execution]
The process of executing code, either maliciously or not, on a system or device. The term is often used when talking about code injection vulnerabilities.
93 questions
3 votes, 0 answers, 151 views
Am I being attacked via a libglesv2 vulnerability in Skype?
On 2024-12-22 and 2024-12-23, Skype crashed 7 times with an access violation. This resulted in DMP files written to disk in a crash report folder.
WinDbg's !analyze -v command outputs these top 5 ...
1 vote, 2 answers, 700 views
execute command in go without storing the command in a .exe file
I am trying to do a Go program to execute a .exe file, but without it actually being a .exe file. The idea is to read the executable from a .txt file and decode it (it is in base64). Once I have that code ...
0 votes, 1 answer, 218 views
What are all ways to run code at Windows startup?
I'm the attacker. What are all the options to run code at the Windows startup:
If I have administrator rights?
If I have normal user rights?
Can someone put any program (or script) in this method or ...
1 vote, 3 answers, 3k views
What exactly are Hidden HTTP Parameters?
I read a lot of reports where 'hackers' potentially exploited a 'Hidden HTTP Parameter'. There are also tons of tools which are developed for this exact purpose.
Example : https://blog.yeswehack.com/...
1 vote, 2 answers, 962 views
How can code signing possibly be secure on Windows when signed executables act on unsigned input?
As a security measure, my Windows-based work computer has been configured to deny any application that hasn't been signed with a valid certificate; my system will run a signed executable from DropBox'...
3 votes, 1 answer, 455 views
Remote code execution after a valid SMB (net use) password in Windows?
I am doing a capture-the-flag exercise in a Windows scenario.
It uses Windows 2016 server. I was able to find the password and I can access the files with a:
net use z: \\computer\C$ password /user:...
0 votes, 0 answers, 161 views
What ways a website could hack a device? [duplicate]
Is it possible that clicking a link would hack a device?
For example:
injecting a malicious code into the device directly from the link's host website
connecting to the device remotely in a way ...
0 votes, 1 answer, 237 views
Would it be useful from a security perspective to harden an interpreter like Python or NodeJS by removing support for unused features?
When hardening a system you want to remove any features that you do not need. I have been thinking about this concept from the perspective of interpreters like Python, NodeJS, PHP etc. and am ...
1 vote, 0 answers, 191 views
Attack on a string created by a developer
Go and Java have "compile time constants", and JavaScript will soon get a feature that allows "Distinguishing strings from a trusted developer from strings that may be attacker ...
3 votes, 1 answer, 1k views
Is it possible to embed a phar archive into a PNG image?
I know it's possible to embed phar archives into jpeg images but is it also possible to do so with PNG images? I am testing a php application that securely checks if an image is a valid PNG image ...
1 vote, 1 answer, 386 views
Wayback machine downloading a file called default.exe?
When I look up a site on wayback machine, I click through a couple of links on the site, and then instead of loading the page, it downloads a file called "default.exe".
Since I was expecting ...
0 votes, 2 answers, 472 views
How to put executable code in files? [closed]
I have PDF, Word and MP4 files on my site and I want to protect them from illegal downloading even if my site is hacked. I want to put executable code in the files, so if someone downloads and opens them,...
1 vote, 1 answer, 208 views
Can uncompressing a ZIP/tar.gz/rar/etc file execute some custom code?
So I recently downloaded Tor Browser on my Linux machine and what immediately caught my eye is the fact that after uncompressing the file (I think it was .tar.gz, but the question applies to every ...
0 votes, 1 answer, 1k views
How are games and software executables injected with custom code & without breaking offset?
Introduction – Context
Everyone has seen so called "Injectors" or "Cracks" for certain programs & games at some point in their life.
These applications inject their own code ...
0 votes, 1 answer, 623 views
Is it safe to automatically parse text as markdown?
I have a server, which receives text mails from students and I plan to automatically collect their message bodies and parse them as markdown so that I can generate a nicely formatted output as pdf. Is ...
0 votes, 1 answer, 152 views
Protect password from apache user by making file executable-only
I (will) have a binary executable file. Its only permission is user-execute. It cannot be read by user, group, or world. The owner of the file is the Apache user. I don't want the apache user to be ...
2 votes, 0 answers, 189 views
Can binary firmware packages be executed on the system?
Kernels like linux-libre (standard in Debian and other free Linux distributions) ship no binary firmware packages by default.
From my limited understanding of their functionality, a binary firmware ...
1 vote, 4 answers, 241 views
Is it possible to detect malicious software just by analyzing the code structure?
I'm a newbie to software security. I'm designing a network and I was wondering is it possible to detect if a program upgrade being downloaded on the network is malicious just by analyzing the ...
3 votes, 1 answer, 4k views
How can we embed an exe containing a payload into a pdf file [closed]
I have created an exe with a payload which gives me a meterpreter session. But I need to embed this exe into a pdf. Upon opening the pdf the exe ideally should get executed. Is there any way to do ...
2 votes, 3 answers, 2k views
How does buffer overread cause arbitrary code execution?
Referenced in the recent VLC vulnerability and other places, apparently buffer overreads can cause arbitrary code execution. How does it do that? Suppose in the following toy example
void badcpy(...
0 votes, 0 answers, 973 views
What is the risk of allowing user input in Python's 're' module
Some context
I'm currently building an application which lets users set up dynamic queries they can execute later. A great addition to this seems like a regex module, in which users can filter ...
0 votes, 2 answers, 693 views
Why Empire Launcher payload is not working in system() in PHP?
I created a parameter passing through system() i.e. cmd. Now I run Empire tool with http listener and launch powershell launcher. Got the huge bunch of base64 encode string.
Now I pass this string to ...
9 votes, 1 answer, 2k views
Can I inject a shell command here in PHP?
During source code examination for a client, I found this code. It gets unsanitized parameter from GET, sanitizes it and does shell_exec()
$arg = $_GET['arg'];
// sanitization, I suppose...
if(...
0 votes, 2 answers, 653 views
What are some examples of known scenarios of network attacks?
For example, it is possible that someone could spread malware with insecure wifi access point, but I don't realize how sending a bunch of network packets can result into a compromised computer if the ...
2 votes, 1 answer, 195 views
PHP Code execution in function parameters and logical operators [closed]
After wondering about this and trying to better understand, I tried the following code:
is_string(3 and sleep(30));
Why will PHP execute code inside a parameter function (sleep in is_string)?
...