Questions tagged [code-execution]

Question 1

On 2024-12-22 and 2024-12-23, Skype crashed 7 times with an access violation. This resulted in DMP files written to disk in a crash report folder. WinDbg's !analyze -v command outputs these top 5 ...

Question 2

I have a Rust-app executing Python-scripts using PyO3. The Python-scripts are uploaded by users, so I need to check for unsafe code before executing it. The scripts should only be able to do ...

Question 3

I am trying to do a go program to execute a .exe file, but without be actually a .exe file. The idea is to read the executable from a .txt file and decode it (it is in base64). Once I have that code ...

Question 4

I currently got interested in binary exploitation (even though I do not know if today is still useful). I started studying shellcode and buffer overflow (stack-buffer overflow, specifically). I know ...

Question 5

I'm the attacker. What are all the options to run code at the Windows startup: If I have administrator rights? If I have normal user rights? Can someone put any program (or script) in this method or ...

Question 6

I used Didier Stevens's pdfid.py to check a pdf, and it found js and automatic actions associated with the pdf: How do I check if this is malicious code?

Question 7

I read a lot of reports where 'hackers' potentially exploited a 'Hidden HTTP Parameter'. There are also tons of tools which are developed for this exact purpose. Example : https://blog.yeswehack.com/...

Question 8

I am searching for the best way to merge two parts of software together, so it would be as hard as possible to separate them again through reverse engineering. At the moment are both parts python, but ...

Question 9

As a security measure, my Windows-based work computer has been configured to deny any application that hasn't been signed with a valid certificate; my system will run a signed executable from DropBox'...

Question 10

I copy / pasted a data:image/png;Base64 image from a Google search into a Google Slide, before realizing it was a BASE64 image. Is there any possibility that this contains malicious code, or any way ...

Question 11

I am doing a capture-the-flag exercise in a Windows scenario. It uses Windows 2016 server. I was able to find the password and I can access the files with a: net use z: \\computer\C$ password /user:...

Question 12

A web server running iis 10 ,PHP (windows) allows users to upload any type of pdf (the location and filename does not change on the server ). The files uploaded go though some file extension check ...

Question 13

Is it possible that clicking a link would hack a device? For example: injecting a malicious code into the device directly from the link's host website connecting to the device remotely in a way ...

Question 14

Would a file upload function be vulnerable to code execution where the uploaded file is always converted to a PNG file by the application? For example, if one uploads shell.php and this file is ...

Question 15

When hardening a system you want to remove any features that you do not need. I have been thinking about this concept from the perspective of interpreters like Python, NodeJS, PHP etc. and am ...

Stack Exchange Network

Questions tagged [code-execution]

Am I being attacked via a libglesv2 vulnerability in Skype?

Filter arbitrary code for blacklisted keywords except on commented lines

execute command in go without storing the command in a .exe file

Unable to execute shellcode on x86_64 architecture

What are all ways to run code at Windows startup?

Check if javascript in pdf is malicious

What exactly are Hidden HTTP Parameters?

Recommended way to merge a security feature with the rest of the software? [closed]

How can code signing posibly be secure on Windows when signed executables act on unsigned input?

Security Implications from Base64 Image

Remote code execution after a valid SMB (net use) password in Windows?

What can I do with a Pdf upload vulnerability on a CTF server?

What ways a website could hack a device? [duplicate]

Possibility of arbitrary file upload where upload converted to png

Would it be useful from a security perspective to harden an interpreter like Python or NodeJS by removing support for unused features?

Hot Network Questions