I am developing VULNERABLE web application project and I want to block to shell commands in asp.net
you can see VULNERABLE web app on link.
my source code
small my code
Process p = new Process();
p.StartInfo.CreateNoWindow = true;
p.StartInfo.FileName = "cmd.exe";
p.StartInfo.Arguments = "/c " + txtCmdIn.Text;
p.StartInfo.UseShellExecute = false;
p.StartInfo.RedirectStandardOutput = true;
p.StartInfo.RedirectStandardError = true;
p.StartInfo.WorkingDirectory = dir;
lblCmdOut.Text = p.StandardOutput.ReadToEnd() + p.StandardError.ReadToEnd();
txtCmdIn.Text = "";
I don't want my webpage send to command to cmd ? How to avoid that? it's possible?
how to avoid calling OS commands asp.net? How can I control that ?