Learn how to recognize command injection attacks, a common web application vulnerability, with an in-depth explanation and real-world example.
Table of Contents
Question
Refer to the exhibit. Which attack is being attempted against a web application?
10.20.1.21 -- [05/Mar/2018:20:04:30 +0000] "GET /user?name=%3B/bin/sh%20-c%20id HTTP/1.1" 200 178 "-" "Wget/1.17.1 (linux-gnu)"
A. command injection
B. man-in-the-middle
C. denial of service
D. SQL injection
Answer
A. command injection
Explanation
The provided log entry shows a GET request made to a web application with the URL parameter “name” containing “;/bin/sh -c id”. This is an attempt at command injection, where the attacker tries to execute arbitrary system commands by injecting malicious input into a web application that’s vulnerable to interpreting user input as commands. In this case, the attacker is attempting to run the “/bin/sh -c id” command, which would display the current user’s identity information.
Cisco 200-201 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Cisco 200-201 exam and earn Cisco 200-201 certification.