Command Injection & SSI
In this course, we continue working on bWAPP and we're going to use it to learn about some new attacks, namely command injection and SSI vulnerabilities.
Hi, within this section, we're going to focus on command injection vulnerabilities. But before we start, I want to show you a lifesaving tool that we use with Burp Suite. Because, as I have said before, we're going to use Burp Suite along with the old sections over here, and we're going to deep dive into Burp Suite much more in the rest of the course as well. So, we would be going into Burp Suite and then into the Firefox proxy settings each time. So, there is a tool that makes everything much easier for us. So, I'm going to show you first. So, I'm just going to start Burp Suite. So, make sure you start it as well, make sure you start it and use it every time you do web penetration tests. We haven't seen the Intruder and Repeater and Decoder and the other things, I know. So, we haven't seen them yet, but we're going to see them all. Don't worry about it. So, let me open up google.com and see if my Internet is working. So, I believe it's working. Do I have... No, it's working. Let me go to Preferences, and go into the Network Settings. So, even though I started Burp Suite, I didn't go into the manual proxy configuration yet, so I will show you a much better way to do this. I'm going to leave this as "Use system proxy settings," because it would be a pain to come back here and just close it down and open it again every time we deal with Burp Suite. So, I'm going to search for FoxyProxy. And as you can see, it's an add-on for Mozilla, or for Firefox. So, this is an add-on, and we can use this tool in order to predefine some proxy settings. All you have to do is just click on 'Set to Firefox', okay? It will ask you for permission, and you give it. Here we go, you can see the Foxy over here. So, let's see what it's asking for. It's asking whether we can actually use this in Private Windows. I'm not even going to use Private Windows, but I'm just going to allow it, okay? I'm going to say 'Got it'. So, here we go.
Now, what we can do with it is just predefine some proxy settings. So, right now it's disabled; if you click on that, you can see there are Options, What's my IP, and Logs as well. So, we're going to go for the Options. Obviously, we don't have any kind of configuration right now; after we add it, it will appear in the menu. So, you're going to say 'Add' from here or from there to add a proxy. So, you can give it any title you want. I'm going to call this Burp because we're going to use this with Burp every time, Burp proxy. And the proxy type will be HTTP, or let me come back here. Here we go, proxy IP address or DNS name. So, this will be 127.0.0.1 and the port will be 8080, as we have seen before in Burp Suite. So, username and password, we don't need them. So, let's see, in pattern shortcuts, it will be enabled. And it will be displayed in there. So, whitelist pattern. Yes, let's leave that on. Do not use for localhost. No, let's leave that off. So, I'm not changing any defaults. I just have written down 127.0.0.1 and 8080. And here we go. Now, we see the Burp proxy over here. If we click on that, now we can just toggle the proxy from there. So, rather than going to the network settings, I can just come over here and click on the Burp proxy, and now it's in proxy mode. So, every time I open the Burp proxy, I can just go to FoxyProxy and change it to be Burp. And then when I close that down, I can just go back and turn it off. So, I'm going to turn the intercept off right now, and as you can see, Google has been tagged over here; I can see the requests and responses. So far so good. So, it's working. So, that's all I wanted to show about FoxyProxy; now we're going to go back to our bWAPP. Okay, make sure your bWAPP is running and log in with bee/bug as usual. So, don't forget about your credentials. And here we go.
Now, we're going to come over here to our menu, our usual menu, and we're going to work with OS Command Injections. But we're going to do that in the next lecture. So, just come over here and wait for the next lecture.
Atil is an instructor at Bogazici University, where he graduated back in 2010. He is also co-founder of Academy Club, which provides training, and Pera Games, which operates in the mobile gaming industry.