Forum Thread: Command Execution on DVWA High Security Level?

How to execute command on DVWA high security level?

Here is the code:

Command Execution Source

<?php

if( isset( $_POST[ 'submit' ] ) ) {

    $target = $_REQUEST["ip"];

    $target = stripslashes( $target );

    // Split the IP into 4 octets
    $octet = explode(".", $target);

    // Check if each octet is numeric and there are exactly 4 of them
    if ((is_numeric($octet[0])) && (is_numeric($octet[1])) && (is_numeric($octet[2])) && (is_numeric($octet[3])) && (sizeof($octet) == 4) ) {

        // If all 4 octets are numeric, put the IP back together.
        $target = $octet[0].'.'.$octet[1].'.'.$octet[2].'.'.$octet[3];

        // Determine OS and execute the ping command.
        if (stristr(php_uname('s'), 'Windows NT')) {

            $cmd = shell_exec( 'ping ' . $target );
            echo '<pre>'.$cmd.'</pre>';

        } else {

            $cmd = shell_exec( 'ping -c 3 ' . $target );
            echo '<pre>'.$cmd.'</pre>';

        }

    }

    else {
        echo '<pre>ERROR: You have entered an invalid IP</pre>';
    }

}

?>

2 Responses

The high security setting is supposed to demonstrate the correct way to perform the exploited function. In other words, it's not meant to be exploitable in this setting.

-Defalt
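
The validation in the posted source, set beside a stricter allow-list, as an added example that is not part of the thread or DVWA's own code: the `is_numeric()` test accepts strings such as `300.1.1.1` or `1e2.0.0.1` that are not IPv4 addresses, while `filter_var()` with `FILTER_VALIDATE_IP` rejects them, and `escapeshellarg()` quotes the value before it reaches the shell. The function names and sample inputs are constructed for illustration.

```php
<?php
// Added example, not DVWA's code. Function names here are hypothetical.

// The check from the posted source: four dot-separated is_numeric() parts.
function page_check(string $ip): bool
{
    $octet = explode('.', $ip);
    if (count($octet) !== 4) {
        return false;
    }
    foreach ($octet as $part) {
        if (!is_numeric($part)) {
            return false;
        }
    }
    return true;
}

// Stricter allow-list: only a dotted-quad IPv4 address with octets 0-255.
function strict_check(string $ip): bool
{
    return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;
}

// Build the command only from validated input, and still quote the argument
// so the shell treats it as a single literal word.
function build_ping(string $ip): ?string
{
    if (!strict_check($ip)) {
        return null;
    }
    return 'ping -c 3 ' . escapeshellarg($ip);
}

// Constructed sample inputs: one valid address and three numeric look-alikes.
$samples = ['192.168.1.10', '300.1.1.1', '1e2.0.0.1', '+1.2.3.4'];

foreach ($samples as $s) {
    printf(
        "%-16s is_numeric check: %-6s filter_var: %-6s cmd: %s\n",
        var_export($s, true),
        var_export(page_check($s), true),
        var_export(strict_check($s), true),
        build_ping($s) ?? '(rejected)'
    );
}
```
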

I've found tutorials for SQL injections and CSRF in high security. So I think there is a way for it too.
