Secure Software Development - Code Injection

Code Injection


What is Code Injection?

It’s a general term given to vulnerabilities that allow a user to inject code that gets interpreted and executed by the application. Code Injection is limited to the capabilities of the injected language. It can happen both on the server and on the client side.

What causes Code Injection?

These vulnerabilities occur when untrusted input is used in a context where it can be treated as actual code. The input is not properly validated or encoded before being used.

To understand Code Injection vulnerabilities, let’s look at an example:

“Mathy” is a small web application that allows users to perform calculations. The calculation is performed by passing the user's input straight to PHP's eval() function:

$calc = "5*5+2";                      // user-supplied calculation
print eval('return ' . $calc . ';');  // the input is compiled and run as PHP

An attacker manipulates a calculation and enters a string that will result in command execution.

$calc = "system('ls')";               // attacker-supplied "calculation"
print eval('return ' . $calc . ';');  // now evaluates: return system('ls');

As a consequence, the ‘ls’ command is executed and the directory contents are returned to the attacker.

A code injection flaw like this can allow privilege escalation and command injection on the system, and ultimately the server falling into an attacker’s hands. An attacker could modify parts of the application and retrieve sensitive information, causing reputational damage. Malware could also be installed on the application server by abusing the code injection, leading to attacks such as cookie theft, site defacement or phishing.
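The fix for Mathy is to stop treating the input as code at all: validate it against an allowlist and parse it as arithmetic with a small grammar, so eval() is never called. The following is an added example, not the article's code; the mathy_* function names are assumed.

```php
<?php
// Hardened "Mathy": a small recursive-descent evaluator, so the calculation is
// parsed as arithmetic and never handed to eval(). Added example, not the
// article's code; the mathy_* function names are assumed.
function mathy_calc(string $expr): float
{
    // Allowlist: digits, '.', + - * / ( ) and whitespace. "system('ls')" fails here.
    if (!preg_match('/^[\d\s+\-*\/().]+$/', $expr)) throw new InvalidArgumentException('disallowed characters in expression');
    preg_match_all('/\d+(?:\.\d+)?|[-+*\/()]/', $expr, $m);
    $st = ['tok' => $m[0], 'pos' => 0];
    $v = mathy_expression($st);
    if ($st['pos'] !== count($st['tok'])) throw new InvalidArgumentException('unexpected trailing token');
    return $v;
}
// expression := term (('+' | '-') term)*
function mathy_expression(array &$st): float
{
    $v = mathy_term($st);
    while (in_array($st['tok'][$st['pos']] ?? null, ['+', '-'], true)) {
        $op = $st['tok'][$st['pos']++];
        $rhs = mathy_term($st);
        $v = $op === '+' ? $v + $rhs : $v - $rhs;
    }
    return $v;
}
// term := factor (('*' | '/') factor)*
function mathy_term(array &$st): float
{
    $v = mathy_factor($st);
    while (in_array($st['tok'][$st['pos']] ?? null, ['*', '/'], true)) {
        $op = $st['tok'][$st['pos']++];
        $rhs = mathy_factor($st);
        if ($op === '/' && $rhs == 0.0) throw new DivisionByZeroError('division by zero');
        $v = $op === '*' ? $v * $rhs : $v / $rhs;
    }
    return $v;
}
// factor := number | '(' expression ')' | '-' factor
function mathy_factor(array &$st): float
{
    $t = $st['tok'][$st['pos']++] ?? null;   // consume one token (null at end of input)
    if ($t === '(') {
        $v = mathy_expression($st);
        if (($st['tok'][$st['pos']++] ?? null) !== ')') throw new InvalidArgumentException('missing )');
        return $v;
    }
    if ($t === '-') return -mathy_factor($st);
    if ($t === null || !is_numeric($t)) throw new InvalidArgumentException('expected a number');
    return (float) $t;
}
echo mathy_calc('5*5+2'), "\n";  // 27
```

Anything that is not a number, operator or parenthesis is rejected before parsing, and anything that passes the allowlist can only ever produce a number.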

To prevent Code Injection:

I hope you found this article useful. You can contact me here for your suggestions and thoughts about the series.