Blog

OS Command Injection

1 min.

April 10, 2016

OS Command Injection attacks occur when the hacker attempts to execute system level commands through a vulnerable web application. These high impact server/application injections help the hacker to bypass administrator privileges and execute malicious OS commands. Just like SQL injections, OS Command injections can be blind or error-based.
Meta-characters (&, |, /;) are usually used to merge commands and create malicious OS Command Injections, that can be used to exploit vulnerable applications.
Read More

Want to learn more? Here are some additional pieces for you to read.

Zero Post
NPM command confusion

Zero Post
November 2024 in Software Supply Chain Security

Zero Post
Malicious NPM Package Exploits React Native Documentation Example

Zero Post
“Free Hugs” – What to be Wary of in Hugging Face – Part 4

Blog
The Role of Security Tools in Platform Engineering: Enhancing Security in the New DevOps Era

Blog
Checkmarx Named as a Leader in Software Supply Chain Security (SSCS)

Blog
Elevating Code Security: The Shift-Left Approach with Vorpal by Checkmarx

Zero Post
“Free Hugs” – What to be Wary of in Hugging Face – Part 3

Zero Post
Dozens of Machines Infected: Year-Long NPM Supply Chain Attack Combines Crypto Mining and Data Theft

Blog
Introducing the Checkmarx One Query Editor

Zero Post
“Free Hugs” – What to be Wary of in Hugging Face – Part 2

Blog
Checkmarx Advances Software Supply Chain Security

Zero Post
Falling Stars

Zero Post
“Free Hugs” – What To Be Wary of in Hugging Face – Part 1

Zero Post
October 2024 in Software Supply Chain Security

Zero Post
Supply Chain Attack Using Ethereum Smart Contracts to Distribute Multi-Platform Malware

Zero Post
Pwn3D: Abusing 3D Models for Code Execution

Zero Post
With 2FA Enabled: NPM Package lottie-player Taken Over by Attackers

Blog
Getting to DevSecOps: How to Change Culture

Zero Post
Cryptocurrency Enthusiasts Targeted in Multi-Vector Supply Chain Attack