Command Injection is a critical web security vulnerability that occurs when an application passes unsafe user input into a system shell or command interpreter. If the input isn't properly sanitized, an attacker can inject and execute arbitrary OS commands on the server.
Command injection typically arises when developers use functions like:
- system(), exec(), shell_exec() (PHP)
- Runtime.exec() (Java)
- popen()
- ...

...and directly concatenate user input into the command string without validation. A minimal vulnerable example:
```php
<?php
// Vulnerable: the untrusted query parameter is concatenated straight into a shell command.
$ip = $_GET['ip'];
echo shell_exec("ping -c 1 " . $ip);
?>
```
If an attacker visits:
<http://example.com/ping.php?ip=127.0.0.1;ls>
The command that runs on the server is:
```
ping -c 1 127.0.0.1; ls
```

The shell treats `;` as a command separator, so it runs ping and then ls, which lists the files in the script's working directory.
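A hardened version of the ping.php script above, added here as an example and not taken from the original article: the input is validated as an IP address with filter_var() and, as defence in depth, quoted with escapeshellarg() so it can only reach the shell as a single argument. The function names and the sample inputs are constructed for the demonstration.

```php
<?php
// Added example: hardened counterpart of the vulnerable ping.php.
// Two independent controls: strict validation of the input, and
// escapeshellarg() so the value can only ever reach the shell as one argument.

function validate_ip(string $input): ?string {
    // FILTER_VALIDATE_IP accepts only a syntactically valid IPv4/IPv6 address;
    // "127.0.0.1;ls" is rejected because of the ";ls" tail.
    $ip = filter_var($input, FILTER_VALIDATE_IP);
    return $ip === false ? null : $ip;
}

function build_ping_command(string $input): ?string {
    $ip = validate_ip($input);
    if ($ip === null) {
        return null;                      // refuse to build a command at all
    }
    // Defence in depth: even a validated value is quoted as a single argument,
    // so shell metacharacters could never be interpreted.
    return "ping -c 1 " . escapeshellarg($ip);
}

// Constructed inputs: a legitimate address and the injection attempt from the article.
// In the real script the value would come from $_GET['ip'].
foreach (["127.0.0.1", "127.0.0.1;ls"] as $candidate) {
    $cmd = build_ping_command($candidate);
    if ($cmd === null) {
        echo "rejected: $candidate\n";
    } else {
        echo "would run: $cmd\n";         // ping -c 1 '127.0.0.1'
        // echo shell_exec($cmd);         // safe only because $cmd was built above
    }
}
?>
```

Logging the rejected inputs gives defenders a cheap detection signal, since legitimate clients never send shell metacharacters in an IP field.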