Blind OS command injection with time delays

Let's submit the feedback for one of these products.

We can now proxy the traffic through Burpsuite.

Let's forward this request to the Repeater so that we can modify it.

Once in the Repeater we can set the email parameter to the following and send the request:

x%40gmail.com||ping+-c+10+127.0.0.1||

The response takes 10 seconds to return.

We have solved the lab