Command Injections - Advanced Command Obfuscation - How to defend from advanced obfuscation

I’m completing the “Advanced Command Obfuscation” where several advanced obuscation techniques are shown.

In particular, the most of these techniques is based on the usage of subshell $() and it is also reported on the text that is less likely to be blocked by WAF or filters.

My question is: on WAF-side or backend-side, an easy solution to defend me from these injections, could not be simply the usage of filters on $ or ( and ) characters to avoid these advanced techniques?

Thank you in advance!

1 Like