RCE via argument injection

This exercise covers a remote command execution vulnerability in which an attacker can only inject arguments

> 4 Hrs.
Brown Badge


In this course, you'll learn to exploit a vulnerability akin to CVE-2020-7115. The application in question uses the `clamscan` command to check uploaded files for malware. The crafted filenames can be manipulated to execute arbitrary code by bypassing security functions such as `basename` and `escapeshellcmd()` in PHP.

The lab demonstrates how to exploit more complex command execution scenarios. Despite the limitations imposed by `basename` and `escapeshellcmd()`, you will learn how to forge your own exploit to gain command execution on a server. This exercise is designed to enhance your understanding of intricate command injection vulnerabilities and their exploitation.

Want to learn more? Get started with PentesterLab Pro! GO PRO