はてなブックマーク

Cmd Hijack - a command/argument confusion with path traversal in cmd.exe This one is about an interesting behavior 🤭 I identified in cmd.exe in result of many weeks of intermittent (private time, every now and then) research in pursuit of some new OS Command Injection attack vectors. So I was mostly trying to: find an encoding missmatch between some command check/sanitization code and the rest of