From 4fea31656f8443424a008b3d481dae571af97415 Mon Sep 17 00:00:00 2001 From: Taleb Qasem <97813742+TalebQasem@users.noreply.github.com> Date: Mon, 10 Oct 2022 06:18:23 +0600 Subject: [PATCH] Update command-injection.md --- pentesting-web/command-injection.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pentesting-web/command-injection.md b/pentesting-web/command-injection.md index 786403a8..d6627475 100644 --- a/pentesting-web/command-injection.md +++ b/pentesting-web/command-injection.md @@ -22,7 +22,7 @@ Get Access Today: ## What is command Injection? -OS command injection (also known as shell injection) is a web security vulnerability that allows an attacker to execute arbitrary operating system (OS) commands on the server that is running an application, and typically fully compromise the application and all its data. (From [here](https://portswigger.net/web-security/os-command-injection)). +OS command injection (also known as shell injection) is a web security vulnerability that allows an attacker to execute an arbitrary operating system (OS) commands on the server that is running an application, and typically fully compromise the application and all its data. (From [here](https://portswigger.net/web-security/os-command-injection)). ### Context @@ -44,14 +44,14 @@ $(ls) # $() ls; id # ; Chain commands ls${LS_COLORS:10:1}${IFS}id # Might be useful -#Not execute but may be interesting +#Not executed but may be interesting > /var/www/html/out.txt #Try to redirect the output to a file < /etc/passwd #Try to send some input to the command ``` ### **Limition** Bypasses -If you are trying to execute **arbitrary commands inside a linux machine** you will be interesting in read about this **Bypasses:** +If you are trying to execute **arbitrary commands inside a linux machine** you will be interested to read about this **Bypasses:** {% content-ref url="../linux-hardening/useful-linux-commands/bypass-bash-restrictions.md" %} [bypass-bash-restrictions.md](../linux-hardening/useful-linux-commands/bypass-bash-restrictions.md) @@ -107,7 +107,7 @@ Get Access Today: ### Time based data exfiltration -Extracting data : char by char +Extracting data: char by char ``` swissky@crashlabâ–¸ ~ â–¸ $ time if [ $(whoami|cut -c 1) == s ]; then sleep 5; fi