Repository: /data/pruva/project-cache/b34673b4-44bf-46c8-b663-ef8da3bf7b64/repo Vulnerable commit: 994f4a46fd76ea44eae2fe839216bb273ce49080 Fixed commit: 41f74b4acfc144e09013d04dd121e0a5da808361 === Testing variant: createFolder === [vulnerable/createFolder] rc=0 ARG //127.0.0.1/share ARG -Uuser ARG -D ARG /vfs/ ARG -c ARG EXIT 0 ARG //127.0.0.1/share ARG -Uuser ARG -D ARG /vfs/ ARG -c ARG mkdir "safe.txt"; EXIT 0 [createFolder] Vulnerable commit: PAYLOAD FIRED [fixed/createFolder] rc=1 ARG //127.0.0.1/share ARG -U ARG user ARG -D ARG /vfs/ ARG -c ARG ; EXIT 0 ARG //127.0.0.1/share ARG -U ARG user ARG -D ARG /vfs/ ARG -c ARG mkdir "safe$(id > /data/pruva/runs/432fe67b-3dd2-449d-b439-e64db8e1bbb7/bundle/logs/vuln_variant/marker_createFolder).txt"; EXIT 0 [createFolder] Fixed commit: payload did NOT fire (fix covers this path) === Testing variant: deleteFile === [vulnerable/deleteFile] rc=0 ARG //127.0.0.1/share ARG -Uuser ARG -D ARG /vfs/ ARG -c ARG EXIT 0 ARG //127.0.0.1/share ARG -Uuser ARG -D ARG /vfs/ ARG -c ARG del "safe.txt"; EXIT 0 [deleteFile] Vulnerable commit: PAYLOAD FIRED [fixed/deleteFile] rc=1 ARG //127.0.0.1/share ARG -U ARG user ARG -D ARG /vfs/ ARG -c ARG ; EXIT 0 ARG //127.0.0.1/share ARG -U ARG user ARG -D ARG /vfs/ ARG -c ARG del "safe$(id > /data/pruva/runs/432fe67b-3dd2-449d-b439-e64db8e1bbb7/bundle/logs/vuln_variant/marker_deleteFile).txt"; EXIT 0 [deleteFile] Fixed commit: payload did NOT fire (fix covers this path) === Testing variant: writeData === [vulnerable/writeData] rc=0 ARG //127.0.0.1/share ARG -Uuser ARG -D ARG /vfs/ ARG -c ARG EXIT 0 ARG //127.0.0.1/share ARG -Uuser ARG -D ARG /vfs/ ARG -c ARG put "/tmp/vfsba7285d7olkebN6IQAR" "safe.txt"; EXIT 0 [writeData] Vulnerable commit: PAYLOAD FIRED [fixed/writeData] rc=1 ARG //127.0.0.1/share ARG -U ARG user ARG -D ARG /vfs/ ARG -c ARG ; EXIT 0 ARG //127.0.0.1/share ARG -U ARG user ARG -D ARG /vfs/ ARG -c ARG put "/tmp/vfs0ddtsaidgtoi2HnrkKp" "safe$(id > /data/pruva/runs/432fe67b-3dd2-449d-b439-e64db8e1bbb7/bundle/logs/vuln_variant/marker_writeData).txt"; EXIT 0 [writeData] Fixed commit: payload did NOT fire (fix covers this path) === Testing variant: rename === [vulnerable/rename] rc=0 ARG //127.0.0.1/share ARG -Uuser ARG -D ARG /vfs/ ARG -c ARG EXIT 0 ARG //127.0.0.1/share ARG -Uuser ARG -D ARG ARG -c ARG rename "\vfs\old" "\vfs\safe.txt"; EXIT 0 [rename] Vulnerable commit: PAYLOAD FIRED [fixed/rename] rc=1 ARG //127.0.0.1/share ARG -U ARG user ARG -D ARG /vfs/ ARG -c ARG ; EXIT 0 ARG //127.0.0.1/share ARG -U ARG user ARG -D ARG ARG -c ARG rename "\\vfs\\old" "\\vfs\\safe$(id > /data/pruva/runs/432fe67b-3dd2-449d-b439-e64db8e1bbb7/bundle/logs/vuln_variant/marker_rename).txt"; EXIT 0 [rename] Fixed commit: payload did NOT fire (fix covers this path) === Testing variant: readFile === [vulnerable/readFile] rc=0 ARG //127.0.0.1/share ARG -Uuser ARG -D ARG /vfs/ ARG -c ARG EXIT 0 ARG //127.0.0.1/share ARG -Uuser ARG -D ARG /vfs/ ARG -c ARG get "safe.txt" /tmp/vfsqiirile58cavdoCHqc5; EXIT 0 [readFile] Vulnerable commit: PAYLOAD FIRED [fixed/readFile] rc=1 ARG //127.0.0.1/share ARG -U ARG user ARG -D ARG /vfs/ ARG -c ARG ; EXIT 0 ARG //127.0.0.1/share ARG -U ARG user ARG -D ARG /vfs/ ARG -c ARG get "safe$(id > /data/pruva/runs/432fe67b-3dd2-449d-b439-e64db8e1bbb7/bundle/logs/vuln_variant/marker_readFile).txt" "/tmp/vfskd20meq6a9dsbytgpps"; EXIT 0 [readFile] Fixed commit: payload did NOT fire (fix covers this path) === Testing variant: deleteFolder === [vulnerable/deleteFolder] rc=0 ARG //127.0.0.1/share ARG -Uuser ARG -D ARG /vfs/ ARG -c ARG EXIT 0 ARG //127.0.0.1/share ARG -Uuser ARG -D ARG /vfs/safe.txt ARG -c ARG quit; EXIT 0 ARG //127.0.0.1/share ARG -Uuser ARG -D ARG /vfs/safe.txt/ ARG -c ARG ls; EXIT 0 ARG //127.0.0.1/share ARG -Uuser ARG -D ARG /vfs/ ARG -c ARG rmdir "safe.txt"; EXIT 0 [deleteFolder] Vulnerable commit: PAYLOAD FIRED [fixed/deleteFolder] rc=1 ARG //127.0.0.1/share ARG -U ARG user ARG -D ARG /vfs/ ARG -c ARG ; EXIT 0 ARG //127.0.0.1/share ARG -U ARG user ARG -D ARG /vfs/safe$(id > /data/pruva/runs/432fe67b-3dd2-449d-b439-e64db8e1bbb7/bundle/logs/vuln_variant/marker_deleteFolder).txt/ ARG -c ARG quit; EXIT 0 ARG //127.0.0.1/share ARG -U ARG user ARG -D ARG /vfs/safe$(id > /data/pruva/runs/432fe67b-3dd2-449d-b439-e64db8e1bbb7/bundle/logs/vuln_variant/marker_deleteFolder).txt/ ARG -c ARG ls; EXIT 0 ARG //127.0.0.1/share ARG -U ARG user ARG -D ARG /vfs/ ARG -c ARG rmdir "safe$(id > /data/pruva/runs/432fe67b-3dd2-449d-b439-e64db8e1bbb7/bundle/logs/vuln_variant/marker_deleteFolder).txt"; EXIT 0 [deleteFolder] Fixed commit: payload did NOT fire (fix covers this path) === Testing variant: isFolder === [vulnerable/isFolder] rc=0 ARG //127.0.0.1/share ARG -Uuser ARG -D ARG /vfs/ ARG -c ARG EXIT 0 ARG //127.0.0.1/share ARG -Uuser ARG -D ARG /vfs/safe.txt ARG -c ARG quit; EXIT 0 [isFolder] Vulnerable commit: PAYLOAD FIRED [fixed/isFolder] rc=1 ARG //127.0.0.1/share ARG -U ARG user ARG -D ARG /vfs/ ARG -c ARG ; EXIT 0 ARG //127.0.0.1/share ARG -U ARG user ARG -D ARG /vfs/safe$(id > /data/pruva/runs/432fe67b-3dd2-449d-b439-e64db8e1bbb7/bundle/logs/vuln_variant/marker_isFolder).txt/ ARG -c ARG quit; EXIT 0 [isFolder] Fixed commit: payload did NOT fire (fix covers this path) === Testing variant: listFolderPath === [vulnerable/listFolderPath] rc=0 ARG //127.0.0.1/share ARG -Uuser ARG -D ARG /vfs/ ARG -c ARG EXIT 0 ARG //127.0.0.1/share ARG -Uuser ARG -D ARG /vfs/safe/ ARG -c ARG ls; EXIT 0 [listFolderPath] Vulnerable commit: PAYLOAD FIRED [fixed/listFolderPath] rc=1 ARG //127.0.0.1/share ARG -U ARG user ARG -D ARG /vfs/ ARG -c ARG ; EXIT 0 ARG //127.0.0.1/share ARG -U ARG user ARG -D ARG /vfs/safe$(id > /data/pruva/runs/432fe67b-3dd2-449d-b439-e64db8e1bbb7/bundle/logs/vuln_variant/marker_listFolderPath)/ ARG -c ARG ls; EXIT 0 [listFolderPath] Fixed commit: payload did NOT fire (fix covers this path) Variants that fired on vulnerable commit: 8/8 Variants that fired on fixed commit: 0/8 NO BYPASS: the fixed commit covers all tested variant paths.