In this article we cover the OS Command Injection attack practically, by solving some of its labs. We have written about OS Command Injection before.
That earlier article covered the attack in bWAPP and DVWA; here we show how the attack is carried out in labs.
If you have not read our earlier article on OS Command Injection, read it first. Only then will you be able to follow the practical steps, because the theory is not repeated here.
Note – This article is for educational purposes only. Don't misuse your knowledge and skills.
OS Command Injection Attack Labs
Here we solve three OS Command Injection labs. There are two more labs besides these, which you can try to solve yourself.
OS Command Injection attack Simple Case
First, start Burp Suite as usual, the same way we describe in all our articles. Once that is done, access the lab.
https://portswigger.net/web-security/os-command-injection/lab-simple
After accessing the lab, the home page opens as you can see in the image. You can open any product; the choice is yours.
After opening a product, you get a Check stock option, which is present on every product. If you want, you can also check stock while capturing the request live, but here we first go through it step by step so that you understand.
Next, go to the HTTP history in Burp Suite. It shows the URL as you can see in the image, and from there you can send that request to Repeater.
After sending the request to Repeater, enter the command as you can see in the image. You will know why the whoami command is used: it shows the user's name.
This solves the lab, but here you have to capture the request live. Turn intercept on, click Check stock, and then forward the request as you can see in the image.
Use the whoami command and click the Forward button. You will see that the user's name is shown along with the stock count, as you can see in the image.
On live websites you can use OS Command Injection payloads in the same way, as you can see in the image. Here a congratulations message is shown, as happens when you solve a lab.
Blind OS Command Injection Using Time Delays
https://portswigger.net/web-security/os-command-injection/lab-blind-time-delays
You can solve the blind OS command injection using time delays lab with the same process. First of all, start Burp Suite as usual; we have covered Burp Suite in almost all our earlier articles.
After accessing the lab, the home page is displayed with a Submit feedback option, as you can see in the image. Click Submit feedback.
You get a page like the one in the image, where you can enter whatever you want. The email parameter is the one you will use. Before clicking Submit feedback, turn intercept on in Burp Suite.
A request is captured as you can see in the image. Change the email parameter in it, and you can then solve this OS Command Injection lab.
As you can see in the image, the ping command is used here, and almost everyone knows why and when the ping command is used. After that, forward the request.
This solves the lab as well. Many kinds of OS Command Injection payloads are available, and a link to them is included in this article.
https://github.com/payloadbox/command-injection-payload-list
Blind OS command injection with out-of-band interaction
https://portswigger.net/web-security/os-command-injection/lab-blind-out-of-band
Similarly, you can access the Blind OS command injection with out-of-band interaction lab. How to access the lab is not repeated here. On the home page you again get the Submit feedback option.
As in the previous lab, follow the same process: fill in the Submit feedback form and capture the request live.
You then get a request like the one in the image, in which you use the nslookup command as shown. If you have reached this point, you already know why this command is used.
Burp Collaborator is found in the Burp menu. You will also need it when you solve the other OS Command Injection labs, which you can try yourself.
After that, forward the request. Something like the image is shown, the same as in the previous lab, and you have to forward the request again.
After forwarding the request, this OS Command Injection lab is solved as well. As you can see in the image, a congratulations message is shown here too.
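All three labs work because a request parameter (the stock-check IDs, the feedback email) ends up inside a shell command line. The following is an added example, not code from this article or from the labs: a hypothetical stock-check handler in its injectable form beside a hardened one. The function names, the echo stand-in for the real stock program, and the marker input are assumptions, and it expects a POSIX system.

```python
import re
import subprocess

ID_RE = re.compile(r"[0-9]{1,9}")   # allow-list: IDs are short decimal integers
TAINTED = "1; echo INJECTED"        # constructed input with a harmless marker command


def check_stock_vulnerable(product_id: str, store_id: str) -> str:
    """Injectable form: parameters are pasted into a shell command line."""
    cmd = f"echo 62 units, product {product_id} store {store_id}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def check_stock_no_shell(product_id: str, store_id: str) -> str:
    """argv list, no shell: metacharacters reach the program as plain data."""
    argv = ["echo", "62", "units,", "product", product_id, "store", store_id]
    return subprocess.run(argv, capture_output=True, text=True, timeout=5).stdout


def check_stock_hardened(product_id: str, store_id: str) -> str:
    """Reject anything that is not an integer, then run without a shell."""
    for value in (product_id, store_id):
        # fullmatch() must consume the whole string, so "1\n" or "1;x" fail.
        if not ID_RE.fullmatch(value):
            raise ValueError("product and store IDs must be integers")
    return check_stock_no_shell(product_id, store_id)


if __name__ == "__main__":
    print(check_stock_vulnerable("1", TAINTED))   # two lines: second command ran
    print(check_stock_no_shell("1", TAINTED))     # one line: payload echoed as text
    try:
        check_stock_hardened("1", TAINTED)
    except ValueError as exc:
        print("rejected:", exc)
```

The same two measures apply to the feedback form: validate the email value strictly and hand it to the mail program as a single argument, never through a shell string.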
The Conclusion
I hope you now have a practical understanding of the OS Command Injection attack. We published an article about it earlier, which you should read before trying all this.
Here we have shown how the OS Command Injection bug can be found in different ways. There are two more labs like these, which you should try to solve yourself.