
The author exploited this by adding a space to the URL so it no longer started with http:// but rather with (space)http://, but it looks like the call to Replace would be ineffective if the URL started with HTTP:// as well.

    bool flag2 = file.Location.ToLower().StartsWith("http://");
    if (flag2)
    {
        file.Location = file.Location.Replace("http://", "https://");
    }

I trust the new version isn’t vulnerable to this...


There were a bunch of ways to bypass the check. For example, another way would be to use "http:\\" which wouldn't get detected either. The new version isn't vulnerable.
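Added example, not part of the thread and not the vendor's fix: the quoted check next to a hardened form that parses the location first and decides on the parsed scheme instead of on raw text. The names `LocationCheck`, `Original` and `TryNormalize` and the sample URLs are hypothetical.

```csharp
using System;

static class LocationCheck
{
    // The check quoted above: the test lower-cases the string, the rewrite does not,
    // and both operate on raw text rather than on a parsed URL.
    public static string Original(string location)
    {
        if (location.ToLower().StartsWith("http://"))
            location = location.Replace("http://", "https://");
        return location;
    }

    // Hardened form (hypothetical): parse once, decide on the parsed scheme,
    // and hand only the resulting Uri to the code that fetches the file.
    public static bool TryNormalize(string location, out Uri result)
    {
        result = null;
        if (!Uri.TryCreate(location, UriKind.Absolute, out Uri parsed))
            return false;                         // not an absolute URL: reject

        if (parsed.Scheme == Uri.UriSchemeHttp)   // Uri.Scheme is already lower-cased
        {
            // Reset a default port so the upgraded URL does not keep ":80".
            var builder = new UriBuilder(parsed)
            {
                Scheme = Uri.UriSchemeHttps,
                Port = parsed.IsDefaultPort ? -1 : parsed.Port
            };
            parsed = builder.Uri;
        }

        if (parsed.Scheme != Uri.UriSchemeHttps)
            return false;                         // allowlist: https only
        result = parsed;
        return true;
    }

    static void Main()
    {
        // Constructed sample inputs: a plain URL plus the three forms from the thread.
        string[] samples = { "http://example.com/f", " http://example.com/f",
                             "HTTP://example.com/f", "http:\\\\example.com/f" };
        foreach (string s in samples)
        {
            bool ok = TryNormalize(s, out Uri u);
            Console.WriteLine($"[{s}] original=[{Original(s)}] hardened={(ok ? u.ToString() : "rejected")}");
        }
    }
}
```

Whatever the parser makes of a given input, the hardened path either yields an `https` `Uri` or rejects it, so no string form can leave the location on plain `http`.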



