Command injection

Command injection occurs when flaws in a web application allow the execution of OS commands. This typically occurs because inputs are not properly sanitized, allowing attackers to change or add to executed commands.

  • To identify potential command injection vulnerabilities, pay particular attention to functionality within web applications that is normally performed by OS commands

  • Use command line symbols in input fields to test for command injection

    • ; (used to separate commands in Bash)

    • |

    • || (second command runs if first fails)

    • &

    • && (second command runs if first succeeds)

    • >

    • >>

  • Be sure to use commands specific to the target OS

    • cat vs. type

    • ping vs. ping -c

    • ls vs. dir


command; id
command && whoami
command || ls (or dir depending on OS)
command; cat /etc/passwd 
command; type C:\Windows\win.ini
command; ping -c5 $ipaddress

Last updated