whx
/
killchain-compendium
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
killchain-compendium/Exploits/Web/Command Injection.md

567 B
Raw Blame History

PHP Command Injection

Injecting commands to execute code on the server side via php.

Blind Injection

  • Check via ping, open a tcpdump on ICMP to listen for packets
  • Redirect to logfile and read
  • Use sleep or timeout to check if ci is possible in general

Detect Blind Command Injection

Try to save output to URI resource like output.php

Functions

  • Watch out for
    • eval()
    • exec()
    • passthru()
    • system()