WebApp Sec mailing list archives
Re: Exploits from command line?
From: Antoine Martin <antoine () nagafix co uk>
Date: Wed, 19 Jan 2005 18:41:51 +0000
On Tue, 2005-01-18 at 12:49 -0800, Benjamin Livshits wrote:
I've come upon some cases in large Web-base applications where the errors such SQL injection and XSS are found in codes that are not accessible by Web users. For instance, some applications include a few sloppily written maintenance programs that are invoked from the command line as well as Ant tasks that are supposed to be invoked by the application administrator. On the surface, these errors are probably pretty irrelevant, as an attacker that has the permissions to run the application from the command line is already in some sense in the system and can cause more damage elsewhere. Is this the right assessment or are there situations where the ability to perform SQL injections from the command line is in fact somehow dangerous?
There are many cases where the local attack can be used for privilege escalation. Depends on far too many things to list here. (What user runs the injected code, can you inject code for later use by another user, etc) But without knowing the application you're talking about, it is impossible to say. Antoine
Thanks, -Ben
Current thread:
- Is this expoitable via sql injection? Nils Gundelach (Jan 14)
- Re: Is this expoitable via sql injection? Rogan Dawes (Jan 15)
- Re: Is this expoitable via sql injection? Nils Gundelach (Jan 16)
- Exploits from command line? Benjamin Livshits (Jan 19)
- Re: Exploits from command line? Antoine Martin (Jan 23)
- Re: Is this expoitable via sql injection? Nils Gundelach (Jan 16)
- Re: Is this expoitable via sql injection? Rogan Dawes (Jan 15)