14

Stack Overflow bots that will post vulnerable code snippets in the response section of popular questions and then upvote each other's code and push it to the top.

Project Type
Project idea

Description
Because of how often code is copied directly from forums by incompetent devs, this could introduce vulnerabilities into code bases all over the world. Mostly a joke. But security researchers have to make money somehow haha.
Comments
  • 4
    Even an incompetent dev will know if the solution you provide doesn't work though.

    So you'd have to implement a bot that can solve the problem and inject a security flaw.
  • 6
    I don't see where's the joke.
  • 5
    Funny? No.
  • 0
    @BigBoo well, obviously you'd have to post working code. Just vulnerable code.
  • 0
    @okkimus this collab is not serious
  • 0
    @BigBoo even simple solutions can be devastatingly unsafe.
    Example: how do I "press any key to continue..." in C?
    Answer: system("pause")
    Super simple, and tons of junior devs, if not all of them, have done it at some point in college.
    Insecurity: asks the OS to run the "pause" binary. Binary replacement or path hijacking makes this terribly bad.
  • 2
    To be honest, many of the answers I see as the solution already are vulnerable. If you took a step back, you could pick up the top-rated code snippets, do some static analysis and flag up the vulnerabilities rather than post them.
  • 1
    Years ago, when I was using SO a lot... Frankly, I thought this was already being done.

    Some threads looked like hacker collaborations to create/inject shit

    But then I also was taking a lot of Adderall so...
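
Added example, not part of the thread: a small heuristic checker in the spirit of the static-analysis comment above, flagging the `system("pause")` pattern from the earlier comment in C snippets. The names `scan` and `Finding` and both sample snippets are constructed for illustration; it uses regular expressions, not a real C parser.

```python
import re
from typing import NamedTuple

# Constructed sample: the answer quoted in the thread, inside a small program.
SAMPLE = r'''#include <stdio.h>
#include <stdlib.h>
int main(void) {
    puts("done");
    // system("cls") was here
    system("pause");
    return 0;
}
'''

# Constructed sample: same behaviour without spawning a process.
FIXED = r'''#include <stdio.h>
int main(void) {
    puts("Press Enter to continue...");
    getchar(); /* replaces system("pause") */
    return 0;
}
'''

class Finding(NamedTuple):
    line: int          # 1-based line in the snippet
    func: str          # system or popen
    command: str       # first word of the literal command string
    path_lookup: bool  # True when the command is not an absolute path

# String literals are matched first so that "//" inside a string is not a comment.
TOKEN_RE = re.compile(r'"(?:[^"\\\n]|\\.)*"|/\*.*?\*/|//[^\n]*', re.S)
# system() and popen() both hand a string to the command interpreter.
CALL_RE = re.compile(r'\b(system|popen)\s*\(\s*"((?:[^"\\\n]|\\.)*)"')
ABSOLUTE_RE = re.compile(r'/|[A-Za-z]:(?:\\\\|/)')

def strip_comments(src: str) -> str:
    # Blank out C comments but keep newlines so line numbers stay valid.
    def blank(m):
        return m.group(0) if m.group(0).startswith('"') else re.sub(r'[^\n]', ' ', m.group(0))
    return TOKEN_RE.sub(blank, src)

def scan(src: str) -> list:
    clean = strip_comments(src)
    findings = []
    for m in CALL_RE.finditer(clean):
        cmd = (m.group(2).split() or [""])[0]
        line = clean.count("\n", 0, m.start()) + 1
        findings.append(Finding(line, m.group(1), cmd, not ABSOLUTE_RE.match(cmd)))
    return findings
```

`scan(SAMPLE)` reports the call on line 6 with `path_lookup=True`, while the commented-out call and the `getchar()` version produce no findings.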