MHLoppyisInHell = true
isInHell = truehttps://fedia.io/media/b9/ae/b9ae619e723e9bf32d053366e4cf0a7441a802de4e9e29abafa2a9f7947669e7.webp
jjjalljsIs the backend Python and the frontend JavaScript? Because then that would happen and just be normal, because Boolean true is
True in python.
Probably, but if you’re interpreting user inputs as raw code, you’ve got much much worse problems going on, lol.
It’s the settiings file… It’s probably supposed to only be written by the system admin.
A good place to put persistent malware. That’s why when using docker images always mount as ro if at all possible.
It’s you can modify the settings file you sure as hell can put the malware anywhere you want
It’s you can modify the settings file you sure as hell can put the malware anywhere you want
True. But a code settings file still carries it’s own special risk, as an executable file, in a predictable place, that gets run regularly.
An executable settings file is particularly nice for the attacker, as it’s a great place to ensure that any injected code gets executed without much effort.
In particular, if an attacker can force a reboot, they know the settings file will get read reasonably early during the start-up process.
So a settings file that’s written in code can be useful for an attacker who can write to the disk (like through a poorly secured upload prompt), but doesn’t have full shell access yet.
They will typically upload a reverse shell, and use a line added to settings to ensure the reverse shell gets executed and starts listening for connections.