Ping Command Injection Challenge

The form below lets you send pings to a remote host. Unfortunately, it has a vulnerability.

To use the form normally, enter a target, such as

google.com
To see the vulnerability, enter
google.com; ls
Target IP:    

Challenge: Add Your Name to the Winners Page

Put your name in this file:

/tmp/ping/winners
After one minute, your name will appear on the WINNERS page here:

http://attack3214.samsclass.info/root/bufo-winners.html


Last revised 2-15-17