Tag: Command Injection

Utilizing a Command Injection Vulnerability to Obtain a Shell

In this scenario we will utilize a command injection vulnerability to obtain a linux reverse shell prompt on the victim webserver. The command injection vulnerability we will be using has been demonstrated in a previous blog post found here. Before we do this, we will need a some kind of shell script or command to […]

Simple OS Command Injection

Below is an example of simple OS command injection. OS command injection is a vulnerability where we can inject an Operating System command into the URL or code of a web page and have it execute on the server. This is a critical flaw and can be used to run commands on the webserver underlying […]