ping me in command execution page is not working #4

KajanM · 2018-03-17T14:00:44Z

environment => Windows 10, XAMPP (PHP 7)

initially

after starting ws-socket.php with administrator privilege

After changing line 24 of CommandExecution.php to $reply_data = shell_exec('ping '.$msg);

everything is working fine.

command injection is also working fine

The text was updated successfully, but these errors were encountered:

KajanM · 2018-03-18T01:00:32Z

also, it must be noted that when running docker image in kali linux no such problem is observed. Is it because of PHP version mismatch in XAMPP?

kingthorin · 2018-03-18T01:02:17Z

-c is the Linux (*nix) count switch. The Windows equivalent is -n, number of echo requests to send.

When ping is run under Linux without specifying count then it just keeps running until cancelled.

KajanM · 2018-03-18T01:08:33Z

ohh, thank you @kingthorin. So DVWS is built mainly for Linux environment right?

kingthorin · 2018-03-18T01:12:37Z

That seems to be an assumption that was made.

There must be a way to check platform in php and then use the appropriate switch...I would hope.

interference-security · 2018-03-19T04:08:55Z

Platform check has been implemented for ping command (01d36bd). Thanks @KajanM and @kingthorin

KajanM mentioned this issue Mar 17, 2018

fixed bad value for option -c #5

Closed

KajanM closed this as completed Mar 18, 2018

Provide feedback