[Commotion-admin] [commotion-debug-helper] Input validation (#8)
Seamus Tuohy
notifications at github.com
Mon Nov 11 20:43:12 UTC 2013
By the way! The things that actually need testing here are the input sanitization. So, to test.
1) Fill all form fields with malicious lua and luci code. May I suggest os.execute("passwd -d pwned") and luci.sys.reboot
2) Leave all forms empty to make sure it handles no input
3) Replay a packet to the router that includes malicious code as the value for one of the radio buttons.
---
Reply to this email directly or view it on GitHub:
https://github.com/opentechinstitute/commotion-debug-helper/pull/8#issuecomment-28236829
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.chambana.net/pipermail/commotion-admin/attachments/20131111/a3c3a873/attachment.html>
More information about the Commotion-admin
mailing list