A simple Bash reverse shell like this one is a good reason to remove Bash from your containers. It uses Bash’s virtual /dev/tcp/ filesystem, and is not exploitable in sh, which doesn’t include this oft-abused feature:
while :; do
nohup bash -i &> \
Resources, links, projects, and ideas for gardeners tending their digital notes on the public interwebs - GitHub - MaggieAppleton/digital-gardeners
This article is part of a series about integrating security tooling in the development process. You can find the rest of the articles here: Part 1: Detecting Insecure Dependencies (SCA); Part 2: Detecting Insecure Source Code (SAST). Note: This tutorial is based on the repository resulting from part 2. If