Command Injection

A command injection vulnerability allows an attacker to execute arbitrary system commands, which can result in a complete takeover of the web server. Learn here how you can prevent command injection.

Security Assessment


CVSS Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/CR:M/IR:M/AR:M/MAV:N/MAC:L/MPR:N/MUI:N/MS:U/MC:H/MI:H/MA:H

Vulnerability Information

A command injection vulnerability allows an attacker to execute arbitrary system commands with the privileges of the web server process, which can result in a complete takeover of the web server. Command injection attacks are possible if a web application passes untrusted user input directly to functions like exec() or system().

Guides

A command injection vulnerability exists when user-supplied input is not validated correctly by the web application before it is used to build a system command. The following snippet shows PHP code which is vulnerable to command injection.

Vulnerable snippet (command_injection, published as a gist): https://github.com/crashtest-security/gist/blob/master/injection/command_injection

In the vulnerable code above, the user input is appended to a ping command line that is handed to the shell. The attacker can terminate the ping command with a semicolon and append further commands, which the shell executes as well. Example input: ; cat /etc/passwd

To secure your web application against command injection, validate the user's input against an allowlist and accept only the values the task needs (for a ping, a hostname or an IP address). Removing shell metacharacters such as ;, &, &&, |, || and < from the input is a weaker, blocklist-based measure: it is easy to miss other constructs that chain or substitute commands, such as $( ), backticks, > and newlines. Where a command must be built from user input, prefer an API that does not invoke a shell at all, or quote the value with escapeshellarg() in PHP so the shell receives it as a single literal argument.
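The following PHP code is an added example that is not the gist linked above: it reconstructs a ping helper of the kind the guide describes, vulnerable to the ; cat /etc/passwd input, beside a hardened version that combines allowlist validation with escapeshellarg(). The function names, the host parameter, the ping -c 1 command line and the hostname pattern are assumptions made for illustration.

```php
<?php
// Added example (not the page's gist). Function names, the "host" parameter,
// "ping -c 1" and the hostname pattern are assumptions for illustration.

// VULNERABLE: untrusted input is concatenated into a shell command line.
// Input "; cat /etc/passwd" yields "ping -c 1 ; cat /etc/passwd", and the
// shell runs both commands.
function pingVulnerable(string $host)
{
    return shell_exec("ping -c 1 " . $host);
}

// HARDENED, step 1: allowlist validation. Accept only an IP address or an
// RFC 1123 style hostname (dot-separated labels of letters, digits and
// hyphens, no label starting or ending with a hyphen). Every shell
// metacharacter, and also a leading "-" that ping would parse as an
// option, is rejected here before any command runs.
function isValidHost(string $host): bool
{
    if (filter_var($host, FILTER_VALIDATE_IP) !== false) {
        return true;
    }
    return (bool) preg_match(
        '/^(?=.{1,253}$)(?!-)[A-Za-z0-9-]{1,63}(?<!-)(\.(?!-)[A-Za-z0-9-]{1,63}(?<!-))*$/',
        $host
    );
}

// HARDENED, step 2: even for validated input, quote the value with
// escapeshellarg() so the shell treats it as one literal argument.
function pingHardened(string $host): string
{
    if (!isValidHost($host)) {
        throw new InvalidArgumentException('invalid host');
    }
    $output = shell_exec('ping -c 1 ' . escapeshellarg($host));
    return is_string($output) ? $output : '';
}

// Constructed inputs run through the validator only (no command executes):
foreach (['example.com', '127.0.0.1', '; cat /etc/passwd', '$(id)', '-f'] as $input) {
    printf("%-20s %s\n", $input, isValidHost($input) ? 'accepted' : 'rejected');
}
```

Validation comes first for a reason: escapeshellarg() stops the shell from interpreting the value, but a quoted value that begins with - would still be parsed by ping as an option, and only the allowlist rejects that. If the application can avoid the shell entirely, for example by passing the command and its arguments as an array to proc_open() (supported since PHP 7.4), the quoting step becomes unnecessary, although the allowlist check remains worthwhile.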

For more information about Crashtest Security visit crashtest-security.com.