Perl Command Injection
by Redacted1133 - November 18, 2021 at 10:23 AM
#1
Is there anyone who wouldn't mind helping me with a perl command injection vulnerability that I found on a website? I found it using burpsuite, and I've injected commands like sleep(10) in the parameter with the command injection vulnerability to help prove it's vulnerable. My goal is to get a bind shell, but I don't fully understand how to inject a whole bind shell script into the single website parameter. Please help my dumbass out, I would seriously appreciate it.
Reply
#2
If it's command injection you can wget and execute a bind/reverse shell. Depending on the server setup you might not be able to access a bind shell.
Reply

Possibly Related Threads…
Thread Author Replies Views Last Post
ForumRAID and injection sell public data. KundenList 13 842 November 29, 2021 at 10:53 PM
Last Post: septaneno
Operating Systems Can be Detected Using Ping Command 5t4rdu5t 0 321 May 18, 2021 at 08:59 AM
Last Post: 5t4rdu5t
Academic sites which "seems" vulnerable to SQL blind injection ? Werwolf_024 2 473 April 25, 2020 at 08:56 AM
Last Post: GingerHunter

 Users browsing this thread: 1 Guest(s)