vendredi 28 avril 2017

how to avoid calling OS commands asp.net?

I am developing VULNERABLE web application project and I want to block to shell commands in asp.net

you can see VULNERABLE web app on link.

my source code

http://ift.tt/2ptgPYC

small my code

Process p = new Process();
        p.StartInfo.CreateNoWindow = true;
        p.StartInfo.FileName = "cmd.exe";
        p.StartInfo.Arguments = "/c " + txtCmdIn.Text;
        p.StartInfo.UseShellExecute = false;
        p.StartInfo.RedirectStandardOutput = true;
        p.StartInfo.RedirectStandardError = true;
        p.StartInfo.WorkingDirectory = dir;
        p.Start();

        lblCmdOut.Text = p.StandardOutput.ReadToEnd() + p.StandardError.ReadToEnd();
        txtCmdIn.Text = "";

I don't want my webpage send to command to cmd ? How to avoid that? it's possible?

enter image description here

how to avoid calling OS commands asp.net? How can I control that ?




Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)