Project 3a Hacking Web Apps With Command Injections and Patching Them
Command injection (also known as shell injection) is a web security vulnerability that lets an attacker execute arbitrary operating system (OS) commands on the server running an application, with the privileges of the account the web server runs as. Because those commands are not constrained by the application's own access controls, a successful injection typically leads to full compromise of the application and all its data.
Why Do Web Applications Need to Execute System Commands?
In this example of the command injection vulnerability we use the ping functionality, which is notoriously insecure in the web interfaces of many routers. Imagine a vulnerable application with a function that takes an IP address from user input and concatenates it, unvalidated, into a shell command that calls the system's ping utility. If the user input is 127.0.0.1, the following command is executed on the host operating system:
ping -c 5 127.0.0.1
Because the string is interpreted by a shell, the attacker can terminate the intended command with a semicolon and append one of their own. Entering 127.0.0.1; id as the "IP address" produces:
ping -c 5 127.0.0.1; id
In the above example the ping command runs first and the id command runs directly after it. The page therefore shows the ping output followed by the output of id, i.e. the uid and gid of the account the web server runs as, which both confirms the injection and tells the attacker what privileges they have obtained.
During an OS command injection attack the attacker can also set up an error based attack, which is useful when the application does not return the command's standard output. Instead of chaining a second command, the attacker uses shell command substitution so that the output of id becomes the argument to ping. With input such as $(id), the command executed in this case looks like the below:
ping -c 5 "$(id)"
The shell runs id first and substitutes its output into the argument, so ping is asked to resolve a "host" such as uid=33(www-data) gid=33(www-data) ...; that fails, and ping's error message echoes the substituted value back to the attacker through the application's error output.
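The vulnerable ping handler described above next to a patched version of it, as an added example that is not code from the original project. The function names, the use of Python's subprocess module to stand in for the application's command execution, and the use of echo in place of ping (so the demonstration runs offline, needs no network and finishes instantly) are all assumptions made for this example.

```python
"""Command injection: the vulnerable ping handler beside a patched one.

Added example, not code from the original project page. The function names,
the ping command line and the use of `echo` as a stand-in for `ping` in the
demo are assumptions so that the example runs offline and without root.
"""
import ipaddress
import subprocess


def build_vulnerable_command(user_input: str, base: str = "ping -c 5") -> str:
    """VULNERABLE: the classic pattern. User input is glued into a shell
    command string, so shell metacharacters (; | && `` $()) are honoured."""
    return f"{base} {user_input}"


def run_vulnerable(user_input: str, base: str = "ping -c 5") -> str:
    """Runs the concatenated string through /bin/sh, which is what PHP's
    system()/shell_exec() or Python's shell=True do. Returns combined output
    so the caller (or an attacker) sees stdout and error text alike."""
    cmd = build_vulnerable_command(user_input, base)
    result = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return result.stdout + result.stderr


def safe_ping_argv(user_input: str) -> list[str]:
    """PATCHED: validate the input as an IP literal, then build an argv list.

    ipaddress.ip_address() accepts only a syntactically valid IPv4/IPv6
    address, so "127.0.0.1; id" and "$(id)" raise ValueError before anything
    is executed. Returning the argv list (instead of a string) keeps the
    shell out of the picture entirely and makes the function testable."""
    try:
        addr = ipaddress.ip_address(user_input.strip())
    except ValueError as exc:
        raise ValueError(f"rejected input {user_input!r}: not an IP address") from exc
    # The target is a single argv element. Even if validation were looser,
    # a value like "a;b" would reach ping verbatim rather than a shell.
    return ["ping", "-c", "5", str(addr)]


def run_safe(user_input: str) -> subprocess.CompletedProcess:
    """Execute the validated argv list with shell=False (the default)."""
    return subprocess.run(safe_ping_argv(user_input), capture_output=True, text=True)


if __name__ == "__main__":
    # Constructed payloads: the benign case, the chained command from the
    # page, and the command-substitution ("error based") variant.
    payloads = ["127.0.0.1", "127.0.0.1; id", '"$(id)"']
    for payload in payloads:
        print(f"--- user input: {payload!r}")
        print("vulnerable shell string :", build_vulnerable_command(payload))
        # echo replaces ping so we can watch the shell honour ; and $(...)
        print("what the shell actually does (echo for ping):")
        print(run_vulnerable(payload, base="echo").rstrip())
        try:
            print("patched argv            :", safe_ping_argv(payload))
        except ValueError as err:
            print("patched handler         :", err)
```

Running the demo shows the semicolon payload printing the address and then the uid/gid line from id, and the $(id) payload printing only the uid/gid line in place of the address, while the patched handler rejects both before any process is started. The patch is deliberately an allowlist (IP literals only); if the feature must also accept hostnames, add an equally strict hostname parser rather than trying to blocklist shell metacharacters.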
Classification   ID / Severity
CAPEC            88 (OS Command Injection)
CWE              78 (Improper Neutralization of Special Elements used in an OS Command)
WASC             31 (OS Commanding)
OWASP 2013       A1 (Injection)
CVSS:3.0         CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H (base score 10.0)
Netsparker       Critical