StackHawk Documentation (HawkDocs)


Remote OS Command Injection - Timing Based

Reference
Plugin ID: 90037 | CWE: 78 | Severity: High | Scan type: Active

Remediation

  1. Input validation: Implement strict input validation and sanitization for all user-supplied data.
  2. Use safe APIs: Avoid direct command execution and use parameterized APIs, libraries, or safe alternatives.
  3. Command filtering: If command execution is necessary, use strict allowlists for permitted commands and arguments.
  4. Principle of least privilege: Run applications with minimal required system privileges.
  5. Sandboxing: Implement application sandboxing to limit the impact of successful command injection.
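The vulnerable pattern next to its hardened form, as an added example illustrating remediation steps 1 to 3 above (this is not StackHawk's code; the function names, the hostname allowlist regex and the sample inputs are this example's own assumptions). The constructed payload is the kind of probe a timing-based check sends: a benign host followed by a command separator and a delay.

```python
"""Vulnerable vs hardened construction of an OS command (added example).

Names such as ping_command_vulnerable, validate_host, ping_argv and run_ping
are hypothetical; the allowlist below is an illustrative policy, not a
recommendation from the page.
"""
import re
import subprocess

# Constructed inputs: a benign host and a typical timing-based probe payload.
BENIGN_HOST = "example.com"
TIMING_PAYLOAD = "example.com; sleep 5"

# Allowlist grammar for a DNS hostname: alphanumeric labels (hyphens allowed
# inside a label) joined by dots, at most 253 characters. A leading '-' is
# rejected, so user data can never be parsed as an option by the child process.
_HOST_RE = re.compile(
    r"^(?=.{1,253}$)"
    r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)


def ping_command_vulnerable(host: str) -> str:
    """VULNERABLE: untrusted input is concatenated into a shell command string.

    Executed with subprocess.run(cmd, shell=True) the shell would interpret
    ';', '|', '&&', '`' and '$(...)', so TIMING_PAYLOAD becomes a second
    command. The scanner never needs to see its output: the ~5 s delay alone
    confirms execution. The string is returned, not run, for demonstration.
    """
    return f"ping -c 1 {host}"


def validate_host(host: str) -> str:
    """Remediation 1: strict allowlist validation; anything else is rejected."""
    if not _HOST_RE.match(host):
        raise ValueError(f"rejected host: {host!r}")
    return host


def ping_argv(host: str) -> list[str]:
    """Remediations 2 and 3: a fixed command with the validated value passed as
    one argv element. Because no shell parses this list, metacharacters in
    the host would reach ping as literal bytes even if validation were weaker.
    """
    return ["ping", "-c", "1", validate_host(host)]


def run_ping(host: str, timeout: float = 10.0) -> subprocess.CompletedProcess:
    """Execute without a shell; the timeout bounds a stalled or delayed probe."""
    return subprocess.run(
        ping_argv(host),
        shell=False,
        capture_output=True,
        text=True,
        timeout=timeout,
        check=False,
    )


if __name__ == "__main__":
    print("vulnerable string:", ping_command_vulnerable(TIMING_PAYLOAD))
    print("hardened argv:   ", ping_argv(BENIGN_HOST))
    try:
        ping_argv(TIMING_PAYLOAD)
    except ValueError as exc:
        print("hardened path:   ", exc)
```

The allowlist and the argv list are complementary rather than alternatives: the list form removes the shell from the picture, and validation stops the remaining class of problems where the target program itself gives meaning to the input (option flags, path traversal, format strings). Remediations 4 and 5 are deployment controls (a dedicated low-privilege service account, a seccomp or container sandbox) and do not appear in application code.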

About

Remote OS Command Injection occurs when an application builds an operating system command from untrusted input without proper validation or sanitization. An attacker can append or substitute shell commands, which then execute with the application's privileges and can compromise the whole host. The timing-based variant of this check targets blind injection: the scanner injects a payload that delays the response (for example a sleep command) and infers that the command executed from the measured latency, so it works even when no command output is reflected in the response.

Risks

Risk level: Critical. Command injection can lead to complete server compromise, allowing attackers to execute arbitrary commands, access sensitive data, install malware, pivot to other systems, and maintain persistent access to the infrastructure.
