[Owasp-testing] Fwd: Query about command injection

Ismael Rocha ismaelrocha.projetos at gmail.com
Thu Feb 9 11:21:34 UTC 2017


So, congrats for the finding the issue.

Reading quickly it seems to be a regular command injection. At the end
of the day, this needs to run at the backend, right?

Ismael Goncalves
https://sharingsec.blogspot.com

On Thu, Feb 9, 2017 at 3:45 AM, Pranav Venkat <venkatsiva1994 at gmail.com> wrote:
> Hi Team,
>
>  By March 2016 I found a command injection in Google cloud. I termed it as '
> client side command injection ' due to application behavior itself.
>
> Please check this link
> www.pranav-venkat.com/2016/03/command-injection-which-got-me-6000.html
>
> and let me know if we can include it under command injection category
> (sub-category)
>
>
> Thanks and regards,
> --
> Venkatesh S
> @pranavvenkats
> skype - venkat19942010
> http://www.pranav-venkat.com
>
> _______________________________________________
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-testing
>



-- 
Ismael Gonçalves


More information about the Owasp-testing mailing list