New Blog Released: Data Exfiltration via Blind OS Command Injection

16 Nov 2015

Today Craig Donkin, Lead Consultant, releases a blog on'Data Exfiltration via Blind OS Command Injection'.

In the post Craig talks about techniques that could beused on a penetration test or CTF to exfiltrate the contents of a file storedon a server by exploiting Blind OS command Injection flaws caused by inadequatevalidation of user supplied input to a vulnerable application.

Click here to read the blog in full

CREST
CREST STAR
CHECK IT Health Check Service
CBEST
Cyber Essentials
CESG Certified Service
First - Improving Security Together
BSI ISO 9001 FS 581360
BSI ISO 27001 IS 553326
PCI - Approved Scanning Vendor
NCSC CCSC - Assured Service Provider