Command injection vulnerability（命令注入漏洞，可以获取服务器权限）

https://github.com/Jrohy/trojan/blob/c5fafe24b3d54cb400a98b0efa60fec8682034c0/util/linux.go#L97-L100

LogChan 函数没有过滤param参数的输入，可以执行操作系统命令。

The LogChan function does not filter the input of the param parameter and can execute operating system commands.

![image](https://user-images.githubusercontent.com/19944759/191647516-ca1e1c81-002c-4f31-9e10-c2a8f80c0e08.png)

![image](https://user-images.githubusercontent.com/19944759/191647591-76ed02ee-8807-4297-b302-d31742cf0e06.png)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Command injection vulnerability（命令注入漏洞，可以获取服务器权限） #704

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

	// LogChan 指定服务实时日志, 返回chan
	func LogChan(serviceName, param string, closeChan chan byte) (chan string, error) {
	cmd := exec.Command("bash", "-c", fmt.Sprintf("journalctl -f -u %s -o cat %s", serviceName, param))

Command injection vulnerability（命令注入漏洞，可以获取服务器权限） #704

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions