Skip to content

openjudge/TR-OJA-201112A

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
exploit1
exploit1
 
 
exploit2
exploit2
 
 
README
README
 
 
paste.py
paste.py
 
 

Repository files navigation

Title: Security Holes Discovered in HUSTOJ
Author: LIU Yu <[email protected]>
Source: OpenJudge Alliance Technical Report (TR-OJA-201112A)
Date: 2011/12/09 (last revised on 2011/12/25)
Version: 1.4
License: Creative Commons Attribution-ShareAlike 3.0 License (CC BY-SA 3.0)
URL: http://openjudge.net/TR/201112A

Abstract: Security vulnerabilities have been discovered in the open-source online judge system HUSTOJ (project site http://code.google.com/p/hustoj/). Due to a series of design pitfalls and defects in the judge_client component of HUSTOJ, attackers can submit malicious solution programs to bypass most security restrictions of HUSTOJ. Validated security issues include, but not limit to, 1) executing arbitrary binary program on the judge server, 2) leak of system information, 3) leak of test data, etc.

About

Supporting materials of technical report TR-OJA-201112A

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages