O'Reilly logo

Seven Deadliest Web Application Attacks by Mike Shema

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Executing Shell Commands

Web-application developers with enough years of experience cringe at the thought of passing the value of a URI parameter into a shell command. Modern Web applications erect strong bulwarks between the application's process and the underlying operating system. Shell commands by their nature subvert that separation. At first, it may seem strange to discuss these attacks in a chapter about server misconfigurations and predictable pages. In fact, a secure server configuration can mitigate the risk of shell command exploits regardless of whether the payload's entry point was part of the Web application or merely one component of a greater hack.

In the nascent Web-application environment of 1996, it was not uncommon for ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required