[Commotion-admin] [luci-commotion] [CLOSED] Input validation (#224)
oti-tech
notifications at github.com
Wed Jun 18 13:37:42 EDT 2014
<a href="https://github.com/elationfoundation"><img src="https://avatars.githubusercontent.com/u/1226247?" align="left" width="48" height="48" hspace="10"></img></a> **Comment by [elationfoundation](https://github.com/elationfoundation)**
_Monday Nov 11, 2013 at 20:43 GMT_
----
By the way! The things that actually need testing here are the input sanitization. So, to test.
1) Fill all form fields with malicious lua and luci code. May I suggest os.execute("passwd -d pwned") and luci.sys.reboot
2) Leave all forms empty to make sure it handles no input
3) Replay a packet to the router that includes malicious code as the value for one of the radio buttons.
---
Reply to this email directly or view it on GitHub:
https://github.com/opentechinstitute/luci-commotion/issues/224#issuecomment-46467945
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.chambana.net/pipermail/commotion-admin/attachments/20140618/12d1312f/attachment.html>
More information about the Commotion-admin
mailing list