# Task 5 - Command Injection Practical

## Task 5 <mark style="color:blue;background-color:blue;">\[Severity 1]</mark> Command Injection Practical

### What strange text file is in the website root directory?

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`drpepper.txt`

</details>

### How many non-root/non-service/non-daemon users are there?

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`0`

</details>

### What user is this app running as?

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`www-data`

</details>

### What is the user's shell set as?

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`/usr/sbin/nologin`

</details>

### What version of Ubuntu is running?

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`18.04.4`

</details>

### Print out the MOTD.  What favorite beverage is shown?

{% hint style="warning" %}
**HINT:** 00-header
{% endhint %}

<details>

<summary>Reveal Flag <span data-gb-custom-inline data-tag="emoji" data-code="1f6a9">🚩</span></summary>

:triangular\_flag\_on\_post:`Dr Pepper`

</details>

##