How To Prevent Command Injection

Preventing Command Injection

If you are not already familiar with the concept of Command Injection, please review the article entitled “What Is Command Injection?”.

For insights into detecting Command Injection vulnerabilities within applications, see the article entitled “How To Test For Command Injection”.


There are several strategies for avoiding and/or mitigating Command Injection vulnerabilities.  In order of importance, they are:

  • Do not “exec” out to the Operating System if it can be avoided.  This is the best solution if it can be adopted because it eliminates the risk.  Make every effort to do the application’s work within the application.
  • Validate untrusted inputs.  All input to the application that has not been previously validated must be examined to ensure it meets the expectations of the application.  Use “whitelist validation”, which means that the application verifies that the input conforms to what it accepts and rejects everything else.  Input Validation can include validation of the input’s:
    • Character set
    • Minimum and maximum length
    • Numeric bounds
    • Date bounds
    • Match to a Regular Expression Pattern
    • Membership in a discrete set (e.g. US States, list of colors, salutations, etc. )
  • Neutralize meta-characters that have meaning in the target OS command-line:
    • For Windows: Precede each of the following characters with a ‘^’ in order to “escape” it and neutralize its special meaning to the command-line interpreter:  ( ) < > & * ' | = ? ; [ ] ^ ~ ! . " % @ / \ : + , `
    • For Linux and Unix: Precede each of the following characters with a ‘\’ in order to escape it and neutralize its special meaning to the command-line interpreter: { } ( ) < > & * ' | = ? ; [ ] $ - # ~ ! . " % / \ : + , `
  • Implement “Least Privilege”: Although it will not help prevent or avoid Command Injection vulnerabilities, restricting the power (i.e. permissions) of the account used to execute OS commands will help mitigate the potential damage.
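The strategies above, carried through as an added Python example that is not part of the original article: an allowlist validator for a hostname and a numeric count (character set, length and numeric bounds, regular-expression match), two escaping helpers that implement the article’s POSIX and Windows metacharacter lists exactly as given, and a runner that hands the validated values to the OS as an argument vector with no command-line interpreter involved. The “ping a host” feature, the function names, and the hostname regular expression are assumptions made for illustration.

```python
import re
import shlex
import subprocess

# Constructed scenario (an assumption for illustration): a web feature that lets a
# user ping a hostname a limited number of times. The first preference, per the
# article, is not to shell out at all; when an external program is unavoidable,
# validate every untrusted value and pass an argument vector, never a shell string.

# Allowlist for a DNS hostname: labels of letters, digits and interior hyphens,
# each at most 63 characters, joined by dots. Requiring an alphanumeric first
# character also keeps the value from being mistaken for an option such as "-f".
HOSTNAME_RE = re.compile(
    r"[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*"
)


def validate_hostname(value: str) -> str:
    """Allowlist validation: type, length bounds, then character set via regex."""
    if not isinstance(value, str):
        raise ValueError("hostname must be a string")
    if not 1 <= len(value) <= 253:
        raise ValueError("hostname length out of bounds")
    if not HOSTNAME_RE.fullmatch(value):
        raise ValueError("hostname contains characters outside the allowlist")
    return value


def validate_count(value: str, lo: int = 1, hi: int = 10) -> int:
    """Numeric bounds: digits only, then an integer range check."""
    if not isinstance(value, str) or not re.fullmatch(r"[0-9]{1,2}", value):
        raise ValueError("count must be one or two digits")
    count = int(value)
    if not lo <= count <= hi:
        raise ValueError(f"count must be between {lo} and {hi}")
    return count


# Metacharacter lists as given in the article. Whitespace is absent from both,
# which is one reason escaping alone is a weaker defence than avoiding the shell.
POSIX_META = set("{}()<>&*'|=?;[]$-#~!.\"%/\\:+,`")
WINDOWS_META = set("()<>&*'|=?;[]^~!.\"%@/\\:+,`")


def escape_posix(arg: str) -> str:
    """Precede each listed character with a backslash (the article's Linux/Unix rule)."""
    return "".join("\\" + ch if ch in POSIX_META else ch for ch in arg)


def escape_windows(arg: str) -> str:
    """Precede each listed character with a caret (the article's Windows rule)."""
    return "".join("^" + ch if ch in WINDOWS_META else ch for ch in arg)


def build_ping_shell_string_unsafe(host: str, count: int = 3) -> str:
    """The pattern to avoid: concatenating untrusted text into a shell command line.
    Shown only for contrast; nothing in this file executes the result."""
    return f"ping -c {count} {host}"


def build_ping_argv(host: str, count: int) -> list:
    """Preferred form: each value is its own argv element, so the OS delivers it to
    ping as data and no command-line interpreter ever parses it."""
    return ["ping", "-c", str(count), host]


def run_ping(host: str, count: str) -> subprocess.CompletedProcess:
    """Validate both untrusted inputs, then execute without a shell (shell=False)."""
    argv = build_ping_argv(validate_hostname(host), validate_count(count))
    return subprocess.run(argv, shell=False, capture_output=True, text=True, timeout=60)


if __name__ == "__main__":
    tainted = "example.com; id"  # constructed input carrying a metacharacter
    print("unsafe string:  ", build_ping_shell_string_unsafe(tainted))
    print("escaped (POSIX):", escape_posix(tainted))
    print("stdlib quoting: ", shlex.quote(tainted))
    try:
        run_ping(tainted, "3")
    except ValueError as exc:
        print("rejected:", exc)
```

The argument-vector path is the one to reach for first: it neutralizes characters the escaping lists do not mention (whitespace among them) simply by never handing the value to an interpreter. If a shell string truly cannot be avoided, the standard library’s `shlex.quote` wraps a value in single quotes for POSIX shells and is easier to get right than a hand-maintained character list; the two escape helpers are included only to show the article’s rule in executable form.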

Command Injection is one of the most serious security vulnerabilities that can appear within an application, and extreme care must be taken whenever the application uses the OS to execute commands.

About Affinity IT Security

We hope you found this article to be useful. Affinity IT Security is available to help you with your security testing and train your developers and testers.  In fact, we train developers and IT staff how to hack applications and networks.

Perhaps it was a network scan or website vulnerability test that brought you here.  If so, you are likely researching how to find, fix, or avoid a particular vulnerability.  We urge you to be proactive and ensure that key individuals in your organization understand not only this issue, but also are more broadly aware of application security.

Contact us to learn how to better protect your enterprise.

 

 

Although every effort has been made to provide the most useful and highest quality information, it is unfortunate but inevitable that some errors, omissions, and typographical mistakes will appear in these articles. Consequently, Affinity IT Security will not be responsible for any loss or damages resulting directly or indirectly from any error, misunderstanding, software defect, example, or misuse of any content herein.