Skip to content

omurugur/OS_Command_Payload_List

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 
 
 

Repository files navigation

OS Command Injection Vulnerability Payload List

Donate using Liberapay

Overview:

Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP headers etc.) to a system shell. In this attack, the attacker-supplied operating system commands are usually executed with the privileges of the vulnerable application. Command injection attacks are possible largely due to insufficient input validation.

This attack differs from Code Injection, in that code injection allows the attacker to add his own code that is then executed by the application. In Command Injection, the attacker extends the default functionality of the application, which execute system commands, without the necessity of injecting code.

References

• OS Command Injection point_right https://www.owasp.org/index.php/Command_Injection

Download

Cloning an Existing Repository ( Clone with HTTPS )

root@slife:~# git clone https://github.com/omurugur/OS_Command_Payload_List.git
Cloning an Existing Repository ( Clone with SSH )

root@slife:~# git clone [email protected]:omurugur/OS_Command_Payload_List.git

Contact

Donate!

Support the authors: