Command Injection in DVNA
Last updated
Last updated
Step 1: Click on "A1: Injection" > "Command Injection: Network Connectivity Test"
Step 2: On the "Test System Connectivity" page, enter 8.8.8.8
in the Address field and click Enter. Capture the request that is made using Burp Intercept
Step 4: Send the intercepted request to Burp Repeater(CTRL+R) and navigate to repeater(CTRL+SHIFT+R)
Step 5: In the POST request in Repeater, modify the "address" parameter in POST body to 8.8.8.8;ip addr
and forward the request. The OS executes the ping 8.8.8.8
and the ip addr
commands and provides the output to the client.