OS command injection simple case

By /
OS command injection simple case

OS command injection simple case

1: Access the LAB.

Website: https://portswigger.net/web-security/os-command-injection/lab-simple

OS command injection simple case 1

2: Open the Burp Suite and on the Intercept.

3: Open the Product.

OS command injection simple case 2

4: Check the Stock.

OS command injection simple case 3

5: Go to the Proxy and then open the HTTP history and check the POST method of the product stock.

OS command injection simple case 4

6: Send to the Repeater.

Shortcut key: Ctrl + R

OS command injection simple case 5

7: Modify the storeID parameter, giving it the value 1|whoami.

Example: productId=1&storeId=1|whoami

OS command injection simple case 6

8: Off the intercept and refresh the page.

9: The LAB is completed.

OS command injection simple case 7

PortSwigger Labs

Must Read

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top