Skip to main content

Popular posts from this blog

Command Injection Without Spaces

I came across a nice little command injection vulnerability while doing a bug bounty recently. The only catch was that I couldn't use any spaces in the commands. Let me go into the details...

Note: I can't post any details about the application as it was a private bounty program.

It all began with the page providing an input box for doing 'nslookup' of a domain or IP entered by the user.
A page like this always excites a bug bounty hunter as the application has to pass user's input to underlying system command to perform nslookup and present the output of that command in the browser. If the developer has made any mistake in validating and sanitizing the input, they inadvertently open the doors to attackers misusing this feature to execute arbitrary commands on the server.

So, when I saw the input box I started to explore and try to force the application in executing arbitrary commands.
I began with simple input google.com

My next automatic try was to input google.com &am…

Installing VMWare Player / Workstation on Kali Linux

This guide is for installing VMware Player or Workstation on Kali Linux. Although this is a simple task, I faced an issue with the kernel headers when launching VMware Player, hence this blog post.

I did these steps with VMware Player but same steps can be followed for Workstation.

1. First of all, download the VMware Player from https://my.vmware.com/web/vmware/free#desktop_end_user_computing/vmware_player/5_0

2. Make the downloaded file executable by navigating to the directory where you downloaded the bundle and execute:
chmod +x VMware-Player-5.0.1-894247.x86_64.bundle

3. Open Terminal and install the packages needed by VMware Player
apt-get install build-essential linux-headers-`uname -r` This will install the kernel headers of your current Linux kernel version.

4.After packages are installed, start the VMware Player installer
./VMware-Player-5.0.1-894247.x86_64.bundle This is pretty much it.

5.Launch the VMware Player by navigating to it from the main menu.

At this stage, I got an error say…

Command Execution on DVWA

So, the other day, I started delving into webappsec and I hit a bummer very soon and hence this post.
Getting started in webappsec is not that hard actually, there are tons of resources for that, just Google it.
I think the best way to learn something is by doing it actually. There are many "vulnerable by design" distros and live sites to practice web application hacking.
In this post I am going to write about DVWA and Command Execution vulnerability which is present in it and how to exploit it.
This being the first post regarding DVWA, I will start with the setup and tools required for this part. Lets get started!