Friday 6 January 2017

Command Execution Attacks on Web Applications


Reference: Hacking and Securing Web Applications



What is Command Execution or Command Injection?


Command execution is functionality in which a web application provides the ability to execute system commands.

What is a Command Injection Attack?


The purpose of a command injection attack is to inject and execute commands specified by the attacker in the vulnerable application. In this situation, the application that executes the unwanted system commands acts like a pseudo system shell, and the attacker may use it as if they were an authorized system user. Note that the commands are executed with the same privileges as the application and/or web server. Command injection attacks are possible in most cases because input data that the attacker can manipulate (forms, cookies, HTTP headers, etc.) is not correctly validated.

What is Command Injection Harvesting?

Command Injection Harvesting is where a malicious user manipulates a web application's command execution feature to render sensitive data (e.g., usernames, config files, directory and file listings, etc.).
As an example, on DVWA (Damn Vulnerable Web Application, a vulnerable PHP application that can be downloaded and used for testing), entering the inputs below will initiate a command execution attack:

Unix/Linux Example on DVWA: 9.9.9.9; cat /etc/passwd
Windows Example on DVWA: 9.9.9.9 && dir
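
The input-validation failure described above, shown beside a hardened form, as an added example that is not code from DVWA or from the referenced book. It assumes a hypothetical handler that pings a user-supplied address with the Linux `ping -c` flag; the function names are illustrative.

```python
import ipaddress
import subprocess

# Constructed sample inputs: one benign value plus the two DVWA inputs from the post.
SAMPLES = ["9.9.9.9", "9.9.9.9; cat /etc/passwd", "9.9.9.9 && dir"]


def vulnerable_command(user_input: str) -> str:
    """Flawed pattern: the input is pasted into a string that a shell will parse,
    so ';' and '&&' in the input begin a second command."""
    return "ping -c 1 " + user_input


def safe_argv(user_input: str) -> list[str]:
    """Hardened pattern: accept only a literal IPv4/IPv6 address, then build an
    argument vector that is executed without a shell."""
    addr = ipaddress.ip_address(user_input.strip())  # raises ValueError otherwise
    return ["ping", "-c", "1", str(addr)]


def run_ping(user_input: str) -> int:
    """Hypothetical handler: a list argument with shell=False (the default)
    means no shell ever interprets metacharacters."""
    return subprocess.run(safe_argv(user_input), timeout=5).returncode


def classify(user_input: str) -> str:
    """Report whether the validator would accept or reject the input."""
    try:
        safe_argv(user_input)
        return "accepted"
    except ValueError:
        return "rejected"


if __name__ == "__main__":
    for s in SAMPLES:
        print(f"input={s!r}")
        print(f"  string a shell would parse: {vulnerable_command(s)!r}")
        print(f"  validator verdict:          {classify(s)}")
```

Validation and shell-free execution are independent layers: the allow-list check rejects anything that is not an address, and the argument vector keeps even an unexpected value from being parsed as shell syntax.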