# Command Injection

#### What is Command Injection?

* **Command Injection** (also called OS command injection or shell injection) is a security vulnerability where an attacker can execute arbitrary commands on the host operating system through a vulnerable application.
* It typically occurs when an application builds a system command by concatenating user input into a string that is then handed to a shell, so shell metacharacters in the input are interpreted as command syntax rather than as data.

#### How Does Command Injection Occur?

* **Vulnerable Input Processing:** User input is not validated against an allowlist of expected values and is concatenated into a command string that a shell parses.
* **Commonly Affected APIs:** Any function that passes a string to a shell, for example PHP `system()`, `shell_exec()`, `exec()` and `passthru()`, Python `os.system()` and `subprocess` with `shell=True`, Java `Runtime.exec()` when the command is routed through `sh -c`, shell scripts that interpolate unquoted variables, and database features that run OS commands (such as SQL Server's `xp_cmdshell`).

#### Examples of Command Injection

* A web form that takes a user input (like a username) and uses it in a system command without proper validation.
* URL parameters or HTTP headers that are concatenated directly into system commands.

#### Basic Example

* Unsafe code in PHP: `shell_exec('ping ' . $_GET['ip']);`
* The `ip` parameter is concatenated into a string that `/bin/sh` parses, so `;` terminates the `ping` command and starts a new one. A request with `ip=8.8.8.8; rm -rf /` (the `;` URL-encoded as `%3B`) runs `rm -rf /` with the web server's privileges. This is the classic worst-case illustration; in practice an attacker is more likely to run `id`, read files, or start a reverse shell, and GNU `rm` refuses to operate on `/` without `--no-preserve-root`.
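The same pattern in Python, as an added example that is not from the original page: `ping_vulnerable` reproduces the PHP snippet's string concatenation handed to `/bin/sh`, while `validate_ip` and `ping_argv` show the two fixes recommended below (allowlist validation with the standard `ipaddress` module, and an argv list so no shell is involved). `echo` stands in for `ping` so the code runs offline and without root; the function names and the `INJECTED` payload are assumptions made for the example.

```python
import ipaddress
import shlex
import subprocess

# Stand-in for `ping` so the example runs without network access or root.
# A real implementation would use ["ping", "-c", "3", target] instead.
COMMAND = "echo"


def ping_vulnerable(target: str) -> str:
    """Python equivalent of shell_exec('ping ' . $_GET['ip']).

    The target is concatenated into a string that /bin/sh parses, so
    shell metacharacters in `target` (`;`, `|`, `&&`, `$(...)`) become
    command syntax instead of data.
    """
    cmd = f"{COMMAND} ping {target}"
    result = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return result.stdout


def ping_argv(target: str) -> str:
    """Safe API: no shell. Each list element is one argv entry, so the
    whole of `target` reaches the program as a single literal argument,
    even when it contains metacharacters."""
    result = subprocess.run([COMMAND, "ping", target],
                            capture_output=True, text=True)
    return result.stdout


def validate_ip(target: str) -> str:
    """Allowlist validation: accept only a syntactically valid IPv4/IPv6
    address and return it in canonical form. Anything else is rejected."""
    try:
        return str(ipaddress.ip_address(target))
    except ValueError:
        raise ValueError(f"rejected target: {target!r}") from None


def ping_hardened(target: str) -> str:
    """Validation plus argv list: the combination to use in real code."""
    return ping_argv(validate_ip(target))


def shell_escaped_command(target: str) -> str:
    """Escaping as a last resort when a shell string is unavoidable:
    shlex.quote() wraps the value in single quotes so the shell treats it
    as one word. Returns the command string rather than running it."""
    return f"{COMMAND} ping {shlex.quote(target)}"


if __name__ == "__main__":
    payload = "8.8.8.8; echo INJECTED"  # constructed attacker input
    print(repr(ping_vulnerable(payload)))   # second command actually runs
    print(repr(ping_argv(payload)))         # payload printed back literally
    print(shell_escaped_command(payload))   # value quoted as one word
    try:
        ping_hardened(payload)
    except ValueError as exc:
        print("validation:", exc)
    print(repr(ping_hardened("8.8.8.8")))
```

Run it and compare the first two lines of output: under `shell=True` the response contains a second line `INJECTED`, whereas the argv version prints the entire payload as one argument. Validation rejects the payload before any command is built, which is why the two controls are combined in `ping_hardened`.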

#### Impact

* **Data Breach:** Unauthorized access to or theft of data.
* **System Compromise:** Gain control over the host system.
* **Denial of Service:** Disrupt services by executing resource-intensive commands.

#### Prevention and Mitigation

* **Input Validation:** Validate against an allowlist of what the parameter may contain (for an IP address, parse it with a library such as PHP's `filter_var($ip, FILTER_VALIDATE_IP)` or Python's `ipaddress`) and reject everything else. A denylist of metacharacters is easy to bypass.
* **Use Safe APIs:** Do not invoke a shell at all. Pass the program and its arguments as an array so each user-supplied value reaches the program as a single literal argument (PHP `proc_open()` with an array command since PHP 7.4, Python `subprocess.run([...])` without `shell=True`), or better, call a library function instead of an external command.
* **Escaping Inputs:** If a shell string is unavoidable, escape each value as one word (`escapeshellarg()` in PHP, `shlex.quote()` in Python). Treat this as a last line of defence, not a substitute for the two points above.
* **Least Privilege Principle:** Run the application as a dedicated unprivileged user, ideally inside a container or sandbox, so an injected command cannot reach the rest of the host.
* **Regular Security Auditing:** Audit code and deployments for shell-invoking calls that receive user-controlled data.

#### Testing for Command Injection

* **Manual Testing:** Append shell metacharacters to input that reaches a command: separators (`;`, `|`, `&&`, `||`, a newline) followed by a harmless command such as `echo`, and substitutions (`` `cmd` ``, `$(cmd)`) inside an argument. When command output is not returned to you (blind injection), use a time delay (`sleep 5`) or an out-of-band callback such as a DNS lookup to a host you control.
* **Automated Tools:** Use scanners such as OWASP ZAP, Burp Suite's active scanner, or the dedicated tool Commix.
* **Code Review:** Search the code base for shell-invoking calls and trace whether their arguments can be influenced by user input.
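An added helper, not part of the original page, that automates the manual probing step above: it sends each common separator and substitution form with a canary probe and reports which ones the target actually executed, plus a time-based variant for blind cases. The canary is split by an empty quoted string (`abc""def`) so the joined value only appears in a response if a shell processed the payload; a response that merely reflects the input is not counted as a hit. The two endpoints at the bottom are constructed stand-ins that use `echo` in place of a real command; all names are assumptions.

```python
import subprocess
import time
import uuid

# Payload templates. {v} is the benign value the parameter expects and
# {p} is the probe command whose effect we look for in the response.
PAYLOADS = {
    ";":        "{v}; {p}",
    "|":        "{v} | {p}",
    "||":       "{v} || {p}",      # runs only if the first command fails
    "&&":       "{v} && {p}",
    "newline":  "{v}\n{p}",
    "backtick": "{v} `{p}`",       # command substitution inside an argument
    "$()":      "{v} $({p})",
}


def find_injection(send, benign="8.8.8.8"):
    """Fire each payload at `send(value) -> response text` and return the
    names of the templates whose probe output came back.

    The probe is `echo abc""def`: a shell prints "abcdef", which never
    occurs literally in the payload, so reflected input is not a hit.
    """
    canary = uuid.uuid4().hex
    probe = f'echo {canary[:16]}""{canary[16:]}'
    hits = []
    for name, template in PAYLOADS.items():
        response = send(template.format(v=benign, p=probe))
        if canary in response:
            hits.append(name)
    return hits


def find_blind_injection(send, benign="8.8.8.8", delay=2):
    """Timing variant for endpoints that return no command output: a
    template is a hit if the request takes at least `delay` seconds.
    Against a real target, compare with a baseline request first."""
    probe = f"sleep {delay}"
    hits = []
    for name, template in PAYLOADS.items():
        start = time.monotonic()
        send(template.format(v=benign, p=probe))
        if time.monotonic() - start >= delay:
            hits.append(name)
    return hits


# Constructed stand-ins for a web endpoint (echo replaces ping).

def vulnerable_endpoint(value: str) -> str:
    """String concatenation parsed by /bin/sh, like the PHP snippet."""
    return subprocess.run(f"echo ping {value}", shell=True,
                          capture_output=True, text=True).stdout


def fixed_endpoint(value: str) -> str:
    """argv list, no shell: the payload is just an argument."""
    return subprocess.run(["echo", "ping", value],
                          capture_output=True, text=True).stdout


if __name__ == "__main__":
    print("vulnerable:", find_injection(vulnerable_endpoint))
    print("fixed:     ", find_injection(fixed_endpoint))
    print("blind:     ", find_blind_injection(vulnerable_endpoint, delay=1))
```

Against the vulnerable stand-in every template except `||` is reported, because the first `echo` succeeds and so the `||` branch never runs; against the argv version nothing is reported even though the response contains the payload text. In a real engagement `send` would wrap an HTTP request, and the `||` result is a reminder that a negative for one separator says nothing about the others.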
