Enable build support by adding .buildspec.yml
| README.md | Loading last commit info... | |
| main.nim | ||
| test.bat |
README.md
Exploring Command Injection Vulnerabilities in Windows with Nim
Here's a summarized table based on the testing results from the Nim code experiments with different payloads:
| Payload | execProcess_NoQuoteShell | execProcess_QuoteShell | execShellCmd |
|---|---|---|---|
nim &calc | Not Passed | Not Passed | Passed |
nim" &calc | Passed | Not Passed | Not Passed |
%CMDCMDLINE:~-1%&calc | Passed | Passed | Passed |
"Passed" indicates the payload executed in a way that could potentially exploit the BatBadBut vulnerability, demonstrating the nuanced behavior of command execution methods in Nim in response to different types of inputs.
- CVE-2024-24576 PoC on GitHub: https://github.com/frostb1ten/CVE-2024-24576-PoC
- Flatt Security Research article: https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/