WIKI

13.3 运行命令检测

(1)描述

检测命令执行相关的代码

(2)检测方法

检测类型:静态分析

Example Java code:

  Runtime rr = Runtime.getRuntime();

  Process p = rr.exec("ls -al");

  

Example Bytecode code:

  const-string v2, "ls -al"

  invoke-virtual {v1, v2}, Ljava/lang/Runtime;->exec(Ljava/lang/String;)Ljava/lang/Process;