https://hexpysya.github.io/tags/command-injection/Recent content in Command Injection on bubka hacks stuffHugo -- gohugo.ioen-usThu, 02 Apr 2026 00:00:00 +0000https://hexpysya.github.io/blue_team/ld-whoami-command-detected-in-request-body/Thu, 02 Apr 2026 00:00:00 +0000https://hexpysya.github.io/blue_team/ld-whoami-command-detected-in-request-body/An external attacker from a CHINANET-hosted IP (61.177.172.87) exploited a command injection vulnerability on WebServer1004, executing five OS commands via the ?c= parameter against /video/ - including cat /etc/passwd and cat /etc/shadow - all of which returned HTTP 200 with distinct response sizes, confirming successful remote code execution. The case was escalated to Tier 2.