Injection
An introduction to Command Injection
Blind Command Injection
Lets go to the webpage
Lets try to find the Kernel Version and redirect it to a file and then read the file
Now lets enter root and look at the response for the answer to the next question
Now lets enter www-data
Lets enter our name and see what the output is
Active Command Injection
Lets go to the webpage that they mention
Lets look at the files and see if there is an interesting file with the ls command
There is an interesting file
To see how many users are there on the machine, we can read the /etc/passwd file
We can look at this output by going to the source code
We can see which user the app is running as with the whoami command
We can see what this user's shell is set as in the /etc/passwd file
We can see what version of Ubuntu is running by using the command lsb_release -a
We can print out the MOTD with this command
Get the Flag!
Lets first get a reverse shell on the machine so that we can navigate through the machine easier.
First we start a netcat listener
Now we use the reverse shell command
Lets hit Submit
We have a shell, lets stabilize it
Lets now look for the flag, it might be a txt file and maybe called flag, so lets look for that
We have the flag, lets read it
Last updated