{"author_name":"ThisIsOne","blog_url":"https://cysec148.hatenablog.com/","categories":["Web Security Academy","\u8a3a\u65ad\u30de\u30cb\u30e5\u30a2\u30eb"],"provider_name":"Hatena Blog","image_url":null,"version":"1.0","published":"2025-06-05 18:59:54","description":"Hello there, ('\u03c9')\u30ce \ud83c\udfaf 1. OS\u30b3\u30de\u30f3\u30c9\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u3068\u306f\uff1f OS\u30b3\u30de\u30f3\u30c9\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306f\u3001\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u304c\u30e6\u30fc\u30b6\u304b\u3089\u306e\u5165\u529b\u3092\u4f7f\u3063\u3066OS\u306e\u30b7\u30a7\u30eb\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3059\u308b\u5834\u5408\u306b\u3001 \u305d\u306e\u5165\u529b\u5024\u306b \u30b3\u30de\u30f3\u30c9\u3092\u8ffd\u52a0\u633f\u5165\uff08\u6ce8\u5165\uff09\u3057\u3066\u3001\u610f\u56f3\u3057\u306a\u3044\u64cd\u4f5c\u3092\u884c\u308f\u305b\u308b\u8106\u5f31\u6027\u3067\u3059\u3002 \ud83d\udca5 \u653b\u6483\u30a4\u30e1\u30fc\u30b8\uff08\u4f8b\uff09 # \u60aa\u3044\u5b9f\u88c5\u4f8b os.system(\"ping \" + user_input) \u3053\u306e\u3068\u304d\u3001\u30e6\u30fc\u30b6\u304c 8.8.8.8; cat /etc/passwd \u3092\u5165\u529b\u3059\u308b\u3068\uff1a ping 8.8.8.8; cat /etc/passwd \u2192 ping\u306e\u3042\u3068\u306b /etc/passwd \u304c\u8aad\u307f\u53d6\u3089\u308c\u3066\u51fa\u529b\u3055\u2026","html":"","height":"190","url":"https://cysec148.hatenablog.com/entry/2025/06/05/185954","type":"rich","title":"OS\u30b3\u30de\u30f3\u30c9\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u8a3a\u65ad\u30de\u30cb\u30e5\u30a2\u30eb\uff08OS Command Injection\uff09","provider_url":"https://hatena.blog","author_url":"https://blog.hatena.ne.jp/ThisIsOne/","width":"100%","blog_title":"Shikata Ga Nai"}