#command-injection

4d ago · 2 min read · OS command injection What is command injection? Command injection is a vulnerability that allows an attacker to execute operating system (OS) commands on the server that is running an application. A s

Join discussion

RRridesh raju bijwerideshcyber.hashnode.dev

0

SOC168 – Whoami Command Detected in Request Body Walkthrough (EventID:118)

Feb 28 · 4 min read · A Command Injection Investigation | LetsDefend SOC Lab Today’s alert immediately caught my attention: Whoami Command Detected in Request Body At first glance, it may look like a harmless Linux command

Join discussion

AMAmr Mohammedamrmoadel.hashnode.dev

0

Cyclic Scanner - Android Service Exploitation Walkthrough

Feb 23 · 6 min read · Overview The lab description makes one thing very clear: this challenge is about exploiting an Android Service to achieve RCE. There is no confusion about the goal, and there is no need to explain wha

Join discussion

ZOZeroTrust Opsnavyacyber.hashnode.dev

0

Day 15: Web Attack Forensics – Drone Alone

Dec 31, 2025 · 2 min read · The Mission: Decoding the Drone Disturbance The town's drone scheduler started behaving erratically, receiving strange, unusually long HTTP requests containing Base64 chunks. The goal for this "Boss Rush" stage was to act as a Blue Teamer (defender) ...

Join discussion

PPwniversepwniverse.hashnode.dev

0

CVE-2022-31814 - pfSense Unauthenticated Remote Code Execution in pfBlockerNG Package

Oct 2, 2025 · 1 min read · Vulnerability Command injection vulnerability exists in index.php of pfBlockerNG. Host header, which is user input, is entered into exec. <?php /* index.php pfBlockerNG (DNSBL) Copyright (c) 2015-2016 BBcan177@gmail.com All rights re...

Join discussion

GGitHubOpenSourcegithub-open-source.hashnode.dev

0

Commix: Your New Secret Weapon for Command Injection Vulnerability Hunting

Aug 30, 2025 · 3 min read · 📝 Quick Summary: Commix is an open-source penetration testing tool written in Python that automates the detection and exploitation of command injection vulnerabilities. It allows security professionals and researchers to identify and exploit command...

Join discussion

IAIdo Abramovid0xa.hashnode.dev

0

HackTheBox - Command Injections - Skills Assessment Walkthrough

Jul 25, 2025 · 2 min read · Scenario You are contracted to perform a penetration test for a company, and through your pentest, you stumble upon an interesting file manager web application. As file managers tend to execute system commands, you are interested in testing for comma...

Join discussion

JJebitoksharonjebitok.com

0

Challenges: Chill Hack (TryHackMe)

Jul 18, 2025 · 7 min read · The Chill Hack machine on TryHackMe is an easy-level CTF focused on web exploitation, privilege escalation, and creative command injection techniques. The challenge starts with a seemingly harmless website, but deeper inspection reveals vulnerable PH...

Join discussion

KNKhoa Nguyenkhoafrancis.xyz

0