@stasinopoulos
Created April 14, 2017 07:09
Simple JSP application (vulnerable to OS command injections)
<FORM METHOD=GET ACTION='cmd.jsp'>
<INPUT name='addr' type=text>
<INPUT type=submit value='Submit!'>
</FORM>
<%@ page import="java.io.*" %>
<%
    // User-controlled value taken straight from the query string, unvalidated.
    String addr = request.getParameter("addr");
    // The value is concatenated into a single shell command line, so any shell
    // metacharacters in "addr" are interpreted by /bin/sh. This is the OS
    // command injection the gist demonstrates.
    String[] ping = {"/bin/sh", "-c", "ping -c2 " + addr};
    String output = "";
    if (addr != null) {
        String s = null;
        try {
            Process p = Runtime.getRuntime().exec(ping);
            BufferedReader sI = new BufferedReader(new InputStreamReader(p.getInputStream()));
            // Only stdout is collected; stderr of the child is discarded.
            while ((s = sI.readLine()) != null) {
                output += s + "\n";
            }
            sI.close();
        }
        catch (IOException e) {
            e.printStackTrace();
        }
    }
%>
<pre>
<%=output %>
</pre>
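For contrast, the hardened form of the same feature, as an added example that is not part of the gist: the target is checked against an allow-list (IPv4 literal or RFC 1123 hostname) before anything runs, ping is started through ProcessBuilder with one argument per array element so no shell ever parses the input, the child is bounded by a timeout, and the captured output is HTML-escaped before it would be placed inside `<pre>` by a `<%= %>` expression. The class name SafePing, the ping path /bin/ping and the 10-second limit are assumptions of this example; the JSP would call SafePing.ping(addr) instead of building the /bin/sh command line.

```java
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.concurrent.TimeUnit;
import java.util.regex.Pattern;

public final class SafePing {

    // Allow-list: dotted-quad IPv4 literals or DNS hostnames made of RFC 1123 labels.
    // Anything carrying shell metacharacters (; | & ` $ ( ) space ...) fails both patterns.
    private static final Pattern IPV4 = Pattern.compile(
        "^(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)){3}$");
    private static final Pattern HOSTNAME = Pattern.compile(
        "^(?=.{1,253}$)[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
        + "(\\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$");

    /** True only if addr is a syntactically valid IPv4 literal or hostname. */
    public static boolean isValidTarget(String addr) {
        if (addr == null || addr.isEmpty()) {
            return false;
        }
        return IPV4.matcher(addr).matches() || HOSTNAME.matcher(addr).matches();
    }

    /** Runs ping against a validated target without involving a shell. */
    public static String ping(String addr) throws IOException, InterruptedException {
        if (!isValidTarget(addr)) {
            throw new IllegalArgumentException("rejected target: not an IPv4 literal or hostname");
        }
        // Each argument is its own element: there is no "/bin/sh -c" and hence
        // no command string for the OS shell to reinterpret. Path is an assumption.
        ProcessBuilder pb = new ProcessBuilder("/bin/ping", "-c", "2", addr);
        pb.redirectErrorStream(true);            // keep stderr so failures are visible
        Process p = pb.start();
        StringBuilder out = new StringBuilder();
        try (BufferedReader r = new BufferedReader(new InputStreamReader(p.getInputStream()))) {
            String line;
            while ((line = r.readLine()) != null) {
                out.append(line).append('\n');
            }
        }
        // Bound the child so a slow or unreachable host cannot tie up a request thread.
        if (!p.waitFor(10, TimeUnit.SECONDS)) {
            p.destroyForcibly();
            out.append("[ping timed out]\n");
        }
        return out.toString();
    }

    /** Escapes the five HTML-significant characters before output is rendered in a page. */
    public static String htmlEscape(String s) {
        StringBuilder sb = new StringBuilder(s.length());
        for (char c : s.toCharArray()) {
            switch (c) {
                case '&':  sb.append("&amp;");  break;
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#39;");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    public static void main(String[] args) throws Exception {
        // Constructed samples: the first is accepted; the second has the shape of
        // an injection attempt and is rejected before any process is started.
        System.out.println(isValidTarget("127.0.0.1"));       // true
        System.out.println(isValidTarget("127.0.0.1; id"));   // false
        System.out.println(htmlEscape(ping("127.0.0.1")));
    }
}
```

The validation rejects the input rather than trying to strip characters from it, which is the safer default for a value that only ever needs to be an address. Even with the allow-list in place the ProcessBuilder call should still pass the target as a separate argument, so the two controls do not depend on each other.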