The exhibit shows an HTTP GET request with a parameter that includes; /bin/sh -c id.
This indicates a command injection attempt, where the attacker is trying to execute shell commands on the server.
Command injection vulnerabilities allow an attacker to execute arbitrary commands on the host operating system via a vulnerable application.
The use of/bin/shand the-cflag is typical in command injection exploits to run shell commands, such asid, which returns user identity information.
References
OWASP Command Injection
Analyzing HTTP Requests for Injection Attacks
Web Application Security Testing Guidelines
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit