Stack overflow bots that will post vulnerable code snippets in the response section of popular questions and then upvote each others code and push it to the top.

Project Type

Project idea

Summary

Stack overflow bots that will post vulnerable code snippets in the response section of popular questions and then upvote each others code and push it to the top.

Description

Becuase of how often code is copied directly from forums by incompetant devs, the could introduce vulnerabilities into code bases all over the world. Mostly a joke. But security researchers have to make money somehow haha.

Ranter

octothorpe

213

Comments

4

BigBoo

2320

6y

Even an incompetent dev will know if the solution you provide doesn't work though.

So youd have to implement a bot that can solve the problem and inject a security flaw.
6

okkimus

1969

6y

I don't see where's the joke.
5

PrivateGER

16813

6y

Funny? No.
0

octothorpe

213

6y

@BigBoo well obviously youd have to post working code. Just vulnerable code.
0

octothorpe

213

6y

@okkimus this collab is not serious
0

deadPix3l

2258

6y

@BigBoo even simple solutions can be devastatingly unsafe.
Example: how do I "press any key to continue..." In C?
Answer: system("pause")
Super simple and tons if not every junior Dev has done it at some point in college.
Insecurity: asks the OS to run the "pause" binary. Binary replacement or path hijacking makes this terribly bad.
2

daarkfall

3296

6y

To be honest many of the answers I see as the solution already are vulnerable, if you took a step back you could pick up the top rated code snippets and do some static analysis and flag up the vulnerabilities rather than post them
1

rant1ng

4567

6y

Years ago when I was using So a lot... Frankly, thought this was already being done..

Some threads looked like hacker collaborations to create /inject shit

But then I also was taking a lot of Adderall so...

Add Comment