Simple Command Injection

Brief

Command injection is a vulnerability that allows you to submit system commands to a computer running a website. It happens when the app fails to encode user input before that input goes to a system shell. This vuln is common when the developer uses the system() function, or its equivalent in the app's language.

 

import os

domain = input()  # Input: hackingarise.com

# User input is concatenated straight into the shell command line
os.system('ping ' + domain)

 

This would ping the hackingarise website, as the user has inputted it, but what happens if they put in something else to return different data? Say they put in “; ls” (without the quotes, of course): the command before the semicolon (ping) is terminated and the shell is forced to run ‘ls’ as well.
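The pattern above next to a hardened version, as an added example that is not code from the original post. The function names are hypothetical, the inputs are constructed, and `-c 1` assumes a Linux or macOS `ping`; IPv6 literals are out of scope for this check.

```python
import re
import shlex
import subprocess

# One DNS label: letters, digits, hyphens; never starts or ends with a hyphen.
LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def unsafe_command(domain: str) -> str:
    """The post's pattern: the string a shell would be asked to parse."""
    return "ping " + domain


def shell_tokens(command: str) -> list:
    """Tokenise roughly as a shell would; operators such as ';' come out alone."""
    return list(shlex.shlex(command, punctuation_chars=True))


def validate_host(value: str) -> str:
    """Allow-list check: accept only a hostname or an IPv4 literal."""
    value = value.strip()
    labels = value.split(".")
    if len(value) > 253 or not all(LABEL.fullmatch(label) for label in labels):
        raise ValueError(f"rejected host value: {value!r}")
    return value


def ping_argv(domain: str) -> list:
    """Argument vector for ping; '--' stops the value being read as an option."""
    return ["ping", "-c", "1", "--", validate_host(domain)]


def safe_ping(domain: str) -> int:
    """Run ping with no shell, so ';', '|', '$()' and backticks stay literal."""
    return subprocess.run(ping_argv(domain), timeout=10, check=False).returncode


if __name__ == "__main__":
    for sample in ["hackingarise.com", "hackingarise.com; ls"]:  # constructed inputs
        print("shell would see:", shell_tokens(unsafe_command(sample)))
        try:
            print("hardened argv:  ", ping_argv(sample))
        except ValueError as err:
            print("hardened:       ", err)
```

The validation and the shell-free call are two separate layers: the argument list already removes the shell from the picture, and the allow-list keeps odd values away from `ping` itself.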

What is the use of this?

Well, command injection can be a good way to get privilege escalation with web apps and other apps that use system commands. Many home routers are vulnerable to this, as they pass user input directly to a system command.

Some Command Injection Payloads

;ls

;id

system('cat /etc/passwd');

$(`cat /etc/passwd`)

 

These payloads can be basically anything that helps you gain a shell, user, root, admin, etc., or any command you may want to try!

 

Thanks for reading my post and be sure to check out more on the site! See ya next time!

 

pentester
