Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for shell evasions listed in #664 #1325

Merged
merged 4 commits into from Mar 12, 2019

Conversation

Projects
None yet
3 participants
@csanders-git
Copy link
Collaborator

commented Mar 10, 2019

Adds some of the evasions listed by @lifeforms in #664 . Generally the approach taken was to look for evasions in terms of directories, sensitive information (hostname), and possible evasions ($IFS)

@csanders-git csanders-git added this to the CRS v3.2.0 milestone Mar 10, 2019

@csanders-git csanders-git requested a review from lifeforms Mar 10, 2019

@csanders-git

This comment has been minimized.

Copy link
Collaborator Author

commented Mar 11, 2019

@lifeforms suggested a test for this as well

@emphazer

This comment has been minimized.

Copy link
Collaborator

commented Mar 11, 2019

@csanders-git

what do you think about adding the following?


bin/mknod
usr/bin/awk
usr/bin/base64
usr/bin/cat
usr/bin/find
usr/bin/gawk
usr/bin/hexdump
usr/bin/ln
usr/bin/mkfifo
usr/bin/ncat
usr/bin/php-cgi
usr/bin/printf
usr/bin/psed
usr/bin/sed
usr/bin/socat
usr/bin/tee
usr/bin/telnet
usr/bin/xxd
usr/bin/yes
usr/local/bin/ncat
@emphazer

This comment has been minimized.

Copy link
Collaborator

commented Mar 11, 2019

it's from #961

@csanders-git

This comment has been minimized.

Copy link
Collaborator Author

commented Mar 12, 2019

@emphazer - check out the update :-D

lifeforms added some commits Mar 12, 2019

@lifeforms lifeforms merged commit 46171c0 into SpiderLabs:v3.2/dev Mar 12, 2019

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details
@lifeforms

This comment has been minimized.

Copy link
Collaborator

commented Mar 12, 2019

Thanks people! Made a small fix and merged it 💋

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.