command injection bypass fix in sanitize.py

SofianeHamlaoui · Jun 4, 2021 · 77ee328 · 77ee328
1 parent cf46e00
commit 77ee328
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/lockdoors/sanitize.py b/lockdoors/sanitize.py
@@ -1,6 +1,6 @@
 # input sanitization function
 def bash_escape_restrictor(data):
-    escape_list = [";","&","|","*"," "]
+    escape_list = [";","&","|","*"," ","`"]
     for charecter in data:
         if charecter in escape_list:
             data = data.split(charecter)[0]