# Front-end Input Validation ![[images/Pasted image 20260104191919.png]] - [CRTL+SHIFT+E] to show dev tools or view with burp - No HTTP request performed indicates front-end validation ![[images/Pasted image 20260104192112.png]] - pattern match ![[images/Pasted image 20260104192159.png]] # Bypassing Front-End Input Validation - Start `burp` - Create an input such as `127.0.0.1` that performs a successful HTTP request - POST request performed ![[images/Pasted image 20260104192430.png]] - [CRTL+R] to send to `repeater` - Modify request to append a command ![[images/Pasted image 20260104192605.png]] - We have working command injection ![[images/Pasted image 20260104192626.png]]