OS Command Injection
What is OS Command Injection
OS Command Injection is a very serious and dangerous website vulnerability, it allows a hacker to execute a remote command using separators such as (&,//;|). OS Command injections can be blind or error based, error based are more dangerous because you can tell straight away that there’s a vulnerability, blind being the hardest because it doesn’t produce errors.
OS Command Injection – Low
;uname -a Information about the system
;whoami who the current user is
;ls looks at files inside the current directory
Heres a video.