Remote Code Execution (RCE)

Table of Contents
  • 🥺 Vulnerable Code
  • 😎 Secure Code

Here is an example of Java code that is vulnerable to a Remote Code Execution (RCE) attack.

🥺 Vulnerable Code

import java.io.*;

public class RCE {
    public static void main(String[] args) throws Exception {

        // Vulnerable code: user input is directly passed to the system command
        Process p = Runtime.getRuntime().exec(args[0]); // args[0] can be manipulated by attacker
        BufferedReader in = new BufferedReader(new InputStreamReader(p.getInputStream()));
        String line;
        while ((line = in.readLine()) != null) {
            System.out.println(line);
        }
    }
}

The program uses the “Runtime.getRuntime().exec()” method to execute a system command that it receives as a command-line argument. The command arrives through the “args[0]” parameter, which the attacker controls, so the attacker decides what is executed.

😎 Secure Code

Here is a version of the same code that is secured against a Remote Code Execution (RCE) attack:

import java.io.*;
import java.util.regex.*;

public class RCE {
    public static void main(String[] args) throws Exception {

        // Secure code: user input is sanitized using regex to only allow approved commands
        // "+" (not "*") so that an empty argument is rejected instead of reaching exec()
        String pattern = "^[A-Za-z0-9_-]+$"; // regex for approved commands

        // Named "allowed" so it does not clash with the Process variable "p" below
        Pattern allowed = Pattern.compile(pattern);
        Matcher m = allowed.matcher(args[0]);
        if (!m.matches()) {
            System.out.println("Invalid command");
            return;
        }

        Process p = Runtime.getRuntime().exec(args[0]);
        BufferedReader in = new BufferedReader(new InputStreamReader(p.getInputStream()));
        String line;
        while ((line = in.readLine()) != null) {
            System.out.println(line);
        }
    }
}

The line “Process p = Runtime.getRuntime().exec(args[0]);” was vulnerable in the original code, as it allowed an attacker to execute arbitrary code on the server. In the secure code, the user input is first checked against a regex pattern that accepts only letters, digits, underscores, and hyphens; input that does not match is rejected with “Invalid command” before anything is executed.
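The regex above restricts which characters may appear in the input, but any single-word program name still passes it. The following is an added example, not code from the original article: it maps a small set of approved names to fixed argument vectors and runs them with ProcessBuilder, so the caller never chooses the program or its arguments. The class name, the command names, and the binary paths are assumptions for a typical Linux host.

```java
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.util.List;
import java.util.Map;

public class AllowlistedCommand {
    // Hypothetical allowlist: logical name -> fixed argv. The paths are assumptions
    // for a typical Linux host; callers never supply the program or its arguments.
    private static final Map<String, List<String>> ALLOWED = Map.of(
            "uptime", List.of("/usr/bin/uptime"),
            "disk",   List.of("/bin/df", "-h"));

    /** Returns the fixed argv for an approved name, or null if the name is not approved. */
    static List<String> resolve(String name) {
        return name == null ? null : ALLOWED.get(name);
    }

    static int run(List<String> argv) throws IOException, InterruptedException {
        // ProcessBuilder takes an argv list: no shell, no re-tokenizing of a string.
        ProcessBuilder pb = new ProcessBuilder(argv);
        pb.redirectErrorStream(true);   // merge stderr into stdout so one reader drains both
        pb.environment().clear();       // do not pass PATH, LD_PRELOAD, etc. to the child
        Process proc = pb.start();
        try (BufferedReader in = new BufferedReader(
                new InputStreamReader(proc.getInputStream(), StandardCharsets.UTF_8))) {
            String line;
            while ((line = in.readLine()) != null) {
                System.out.println(line);
            }
        }
        return proc.waitFor();          // exit code of the child process
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample inputs: two approved names and three that are rejected.
        String[] samples = args.length > 0 ? args
                : new String[] {"uptime", "disk", "whoami", "df -h", "../bin/sh"};
        for (String name : samples) {
            List<String> argv = resolve(name);
            if (argv == null) {
                System.out.println("Invalid command: " + name);
                continue;
            }
            System.out.println("exit=" + run(argv));
        }
    }
}
```

Note that “whoami” matches the article's regex yet is rejected here, because it is not a key in the allowlist.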
