
Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user-supplied data (forms, cookies, HTTP headers, etc.) to a system shell. In this attack, the attacker-supplied operating system commands are usually executed with the privileges of the vulnerable application. Command injection attacks are possible largely due to insufficient input validation.

In this release we would like to share with you 21 unique articles written by Web Application Penetration Tester, Mr. Shritam Bhowmick. 

The entire document focused on the ‘exploitation techniques’ an application penetration tester or an attacker might use to take advantage of a developer's code flaw or code design flaw. We opted for ‘gaining a shell’ in various rigorous operating system environments using ‘PowerShell’, together with techniques to evade firewall filters on the way to obtaining a shell on the target host machine, which ran an IIS web server and served an intentionally vulnerable web application. Our exploitation concluded with post-exploitation: enumerating system privileges and other possible tasks that needed to be discussed. Techniques for using a covert shell in ASP were also covered as part of staying stealthy and invisible to the web administrators, which is always an added advantage to penetration testers during an operational application penetration test on the target.

Contents:

Hack
Command Injection or Shell Injection
Shellcode Deliverance Scenario – Reverse Shell and Bind Shell
Bind Shell – Binding a Shell with Installed Scripting Languages
Reverse Shell – Establishing a Data Stream via TCP/IP Sockets
Shell Injection v/s Remote Code Execution v/s Code Injection
Command Injection Vulnerable Code using PHP ‘system()’ Function
Exploiting Command Injection on PHP to Obtain Command Execution
Obtaining a Shell via Arbitrary Command Execution on PHP Application
Mitigating Vulnerable PHP Code Using Safe Escape Functions
Secure Design PHP Code Implementation
Command Injection Vulnerable Code Using WScript in Classic ASP
Exploiting Command Injection on ASP to Obtain Command Execution
Obtaining a Shell via Arbitrary Command Execution on ASP Application
Post-Exploitation Using PowerShell via InvokeShell.ps1
Mitigating Vulnerable ASP Code Using Safe API Functions
OS Command Injection Using Intended Vulnerable Application
Obtaining Shell via Telnet Service on Windows Platform
Maintaining a Backdoor Access via Telnet using VSFTPD Set-up
Covert ASP Shell for ASP based Backdoor on IIS Web-Servers

You may follow the author on LinkedIn

A sample article from "Command Injection Compendium" is available in our Free Content bookmark.

For more ethical hacking publications available on our website, subscribe to Hack Insight and receive:

--> 24 unique magazine editions per year.
--> Access to all the previous releases from the archives.
--> Access to special publications, workshops and video tutorials.
