As noted in testssl.sh:
#TODO: Still no shell injection safe but if just run it from the cmd line: that's fine
The testssl mail program does no input checking on the A records IP data, and simply injects this into the the subprocess.run command argument.
From where testssl.sh will possible hit the issue noted in its code.
Inserting a bash script into the dns records data of a domain that is tested will trip this up.
As noted in testssl.sh:
#TODO: Still no shell injection safe but if just run it from the cmd line: that's fineThe testssl mail program does no input checking on the A records IP data, and simply injects this into the the subprocess.run command argument.
From where testssl.sh will possible hit the issue noted in its code. Inserting a bash script into the dns records data of a domain that is tested will trip this up.