1.4 Command Injection Lab Instructions

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

12 hours 9 minutes
Video Transcription
everyone Welcome back to the core. So in the last video, we went over our sequel injection portion of the lab
in this video, where to cover command injection.
So as usual, just make sure you're loved in the cyber environment. Now, I've already got the lab pulled up in the background there. If you continue down from the previous lab, then you don't need to go through the steps of closing these pop ups because you will not. You should not see them at least. Um, And if you just continue on with the LAPD
for me, I've just went ahead and launch the lab again. It has gone to the command ejection section, so you'll notice I of the pop ups in the background there.
So let's go ahead and get started. So well, close these pop ups just by clicking. Continue
on there, and that should close it out for us. And now we're taking to the Kelly Lennox log in screen.
We'll talk in student for the user name and then also for the password.
So against to another case.
Now again, if you've already, If you're continuing from the previous lab, you don't need to do this particular step. You should already be loved in. And you should be good to go.
And I might take a member. So for the Cali machine to pull up here for me. What I'm gonna do since I've just loved into Cali for the first time This time around, I'm gonna go ahead and disable the screen lock feature again. If you're continuing from the previous lab, you will not need to do this portion of it to disable the screen lock feature. We just click the arrow at the top right here. Select the
settings icon.
It's gonna take a couple of seconds here, and then it's gonna pull up another window for us
in that window will just click on privacy.
We'll click on screen lock and then we're not Move this little circle to the left side here, a little disabled screen lock with this ex out of those. And now we're actually ready to go ahead and begin our lab.
So if you didn't have to log in to Kelly because you were already loved in, And also, if you didn't have to disable the screen lock, then now you should be good to go. Well, I'll be on the same page.
All right, So if you don't have Firefox lobster ready, go ahead and launch it. And all you have to do is just click the little orange and white icon here at the top left. That'll go ahead and launch the Firefox Web browser for us
and my take a member. So it's gonna pull us up to the Mattila day. Paige again, That's a vulnerable web server application that were Excuse me, Web application server that we're using to do our testing for this particular lap. And as I mentioned before, we're gonna use that throughout the entire course.
All right, so the first thing we're gonna do is on the left side. Once the page pulls up here, we're gonna go to all lost 2017. We're gonna go to the A one injection other.
We're gonna click on command injection again. That's what we're covering in this lab. And then we'll go to D n s look. So let's go ahead and do that now.
So we'll go to a lost 2017 right here. Go to the injection. Other
go down about a quart of the way down to the command injection option on then Just go to D. N s. Look up that top option there. Go ahead and click on that.
It might take a moment. So to pull up that page for us and we'll see we have it here.
So let's go back to our lab document.
So what we're gonna do first, we're gonna just type me till a day into our little box here under the host name I P what? His press enter. And then what? I want you to look for us to see if you see this I p address here, this 1 92.168 dot 1.100. So we're gonna take a look and see if we notice that I p address there. So
in this box is time you till a day
and then either press enter or click on that look of the unis button,
it's going to take a moment or so that's gonna give us back some I p addresses. So again, the question was, do you see an I P address? It's labeled as 1 92.168 dot 1.100.
All right. So we see on my end at least that that is correct. We do see that I p address there. So we're good to go, and you should see the same thing on your site.
Are the next step here. We're gonna open a terminal window here inside of Kelly Olynyk. So the way we're going to do that So we're just gonna select applications at the very top left here is going click on that little arrow. Might take a second or so, pull up the menu for us and then under the favorites. It's gonna be the terminal option right there, which is going to click on that,
and you'll see it'll open a terminal window for us.
All right, let's go back to our lab document.
So now we're gonna do We're enemies in this look up command. And so we're gonna be basically checking for the i p. Address of this particular item.
So we're gonna type in Ennis. Look up, Space me till today. And then we'll just press enter on a keyboard.
So let's look up all one word
space. You kill today,
then just press enter and keyboard. It'll run the command And you see, it just takes a second or so to pull it back for us.
So question number two here is what I p address. Do you see after running the command? So what? I p addresses are listed. There
s specifically I'll give a hint. We're not looking for the local address,
Have you guessed? 1 92.168 Got 1.100. You are correct again. The 1 27.0 dot 0.1. It's a local address. We're not concerned with that for this particular lab at least.
And question number three here. Have you seen the I P addresses before? Well, obviously we have, right, we we have seen that before where we ran the me till a day inside of our host day. My pee Look up box.
All right, so we're gonna go back to our utility window now. So now we're gonna have something different in our host name. I p box.
So we're to type in this command right here. We're gonna type in Mattila Day. Ah, semi colon a space and an I D. So let's go ahead. Do that now.
So we're tied me to a day, A semi colon,
a space in an I d.
And they just press enter new keyboard or click that look up D N s button,
and you're gonna see some results. Come back to us. Let's take a look at our question here.
So question number four What user? I d number do you see? So what's the user? I d number that you see in these results.
All right, so I see that as 33. So we see the user. I d. Right there. We see it's 33 that shone assess the www dot data account.
Now, the next thing in the last step of this particular lab that we're gonna do is want to try to run this command here and see if we can view the e T c p a s s w d. File.
You wanna run this command right here? So we're gonna do make you a day?
Send Michael and Kat
space forward slash e TC ford slash P a s s W d. So don't worry about me reading it off real quick. We're gonna go ahead and do this step by step, so we'll start off with doing me till today. Semicolons. Well, this type that in now
kill a day, semi colon.
The next thing we're gonna do is put a space, and then we're gonna put cat. So let's just go and do that
was put space and then cat will put another space And then finally, we're gonna put forward slash e t c ford slash p a s s w d. Let's go and do that now.
So forward slash e TC for its life p a s s w d.
And then just press enter into keyboard or click the lich Look up Dean s button
to run the command.
All right, so course number five here is Are we able to access to this particular file? So the way we know that as well see different output will see several items of output in our results. So if all we see is just those couple of I p addresses we have seen before that we probably were not successful.
But if we're seeing other stuff in there, then that means we are able to access this particular file. So let's take a look and see what kind of information
were able to see
you scroll down here a little bit.
You'll notice. In addition to the idea I p addresses that we've seen before. We also see all these other things as well. So this is showing us This is actually the contents of that particular file. So of the e T c p a s s w defile. This is showing us the contents of that particular file.
All right, so in this video, all we did is cover a quick command injection. We showed that we can get some results back. If the's server applications particularly vulnerable to this type of attack, we can get information back about specific I P addresses and host names as well as we could potentially read different files on the system.
In the next video, we're gonna cover HTML attacks.
Up Next