Harden reverseshell.py and add unit test coverage #36

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Open

adjusic wants to merge 1 commit into M4cs:master from adjusic:fix/reverseshell-hardening

adjusic commented May 23, 2025

This PR improves the security of reverseshell.py and adds proper test coverage.

Fixes:

Replaces os.system() with subprocess.run() for safer command execution.
Validates all user inputs (e.g., shell type, yes/no prompts).
Removes unsafe or unnecessary system calls.
Adds graceful fallback handling.

Testing:

Added tests in tests/test_reverseshell.py
All tests pass via pytest
Manual tests confirm shell selection and payload generation work as expected

Result:

File now passes static analysis in security_scan.py
Hardened against input injection and misuse


          Harden reverseshell.py and add unit test coverage

66cbe3c

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet