This lab contains an OS command injection vulnerability in the product stock checker.
🛠️ The application executes a shell command containing user-supplied product and store IDs, then returns the raw output in the response.
Execute the whoami command to determine the current user on the server.
We’re dealing with a simple command injection lab.
The vulnerability lies in the following GET parameters:
productId=1&storeId=1

We'll test for command injection by injecting into those parameters.
I will try some symbols and show the response.
First I sent this:
productId=5&storeId=1& echo"hellohacker"

But nothing happened. Then I tried productId=5&storeId=1&whoami&
I got the same response, so I guess the server filters this character: & (note that an unencoded & in a query string is the parameter separator, so the application never sees it as part of the storeId value; it would have to be URL-encoded as %26 to reach the shell).
I changed it and tried this character: |

Here we go, it is working.
Let's try the target payload.
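To make the root cause and the fix concrete, here is an added example in Python; it is not the lab's own stock checker and the command it runs (a harmless `echo` instead of the lab's real stock script) is a constructed stand-in. It shows why the & attempt above never reached the shell (the query parser splits on it), why the | attempt did (string concatenation with shell=True), and how a hardened checker plus a simple detection check for shell metacharacters in request parameters would stop it.

```python
import re
import subprocess
from urllib.parse import parse_qs

# --- Request parsing -------------------------------------------------------
# parse_qs splits the raw query on '&'. An unencoded '&whoami&' therefore
# becomes an extra, empty parameter named "whoami" and storeId stays "1".
# Only a URL-encoded %26 or a different metacharacter such as | ends up
# inside a parameter value.
def parse_query(raw: str) -> dict:
    return {k: v[0] for k, v in parse_qs(raw, keep_blank_values=True).items()}

# --- Vulnerable form (constructed stand-in for the lab's checker) ----------
# User input is concatenated into a single string and handed to /bin/sh,
# so | ; ` $() and newlines in either ID are interpreted by the shell.
def check_stock_vulnerable(product_id: str, store_id: str) -> str:
    cmd = f"echo stock for product {product_id} at store {store_id}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout

# --- Hardened form ---------------------------------------------------------
# 1) strict allow-list validation of each ID (digits only), and
# 2) the command is passed as an argv list with no shell involved at all.
_ID_RE = re.compile(r"[0-9]{1,9}")

def validate_id(value: str) -> int:
    if not _ID_RE.fullmatch(value):
        raise ValueError(f"invalid id: {value!r}")
    return int(value)

def check_stock_safe(product_id: str, store_id: str) -> str:
    pid = validate_id(product_id)
    sid = validate_id(store_id)
    argv = ["echo", "stock", "for", "product", str(pid), "at", "store", str(sid)]
    return subprocess.run(argv, capture_output=True, text=True).stdout

# --- Detection -------------------------------------------------------------
# Flag any parameter whose value carries a shell metacharacter; a numeric
# ID field should never contain one, so this is a low-noise WAF/log rule.
SHELL_META = re.compile(r"[|;&`$(){}<>\n]")

def suspicious_params(query: dict) -> list:
    return [k for k, v in query.items() if SHELL_META.search(v)]

if __name__ == "__main__":
    # Constructed sample requests mirroring the two attempts in the writeup.
    q_amp = parse_query("productId=5&storeId=1&whoami&")
    print("storeId after & attempt:", q_amp["storeId"])          # "1"
    q_pipe = parse_query("productId=5&storeId=1%7Cwhoami")
    print("storeId after | attempt:", q_pipe["storeId"])         # "1|whoami"
    print("flagged:", suspicious_params(q_pipe))                 # ["storeId"]
    print(check_stock_safe(q_amp["productId"], q_amp["storeId"]), end="")
    try:
        check_stock_safe(q_pipe["productId"], q_pipe["storeId"])
    except ValueError as e:
        print("rejected:", e)
```

The argv form removes the shell entirely, so even an ID that slipped past validation would be passed to the program as a literal argument rather than parsed for metacharacters; the allow-list is defence in depth on top of that.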