From 331f3b0423a3466e32f8b4b237c96172acf6cc8a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=B0smail=20Ta=C5=9Fdelen?= Date: Thu, 15 Aug 2019 19:10:01 +0300 Subject: [PATCH] Update README.md readme fix update --- README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/README.md b/README.md index 1787f30..b3e7a79 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,5 @@ ## Command Injection Payload List - - Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP headers etc.) to a system shell. In this attack, the attacker-supplied operating system commands are usually executed with the privileges of the vulnerable application. Command injection attacks are possible largely due to insufficient input validation. This attack differs from Code Injection, in that code injection allows the attacker to add his own code that is then executed by the application. In Command Injection, the attacker extends the default functionality of the application, which execute system commands, without the necessity of injecting code.