[VIDEO] From SQL injection to shell II – Detailed Walk-through
| Posted in Security Videos | Posted on 17-10-2013
0
Difficulty
Intermediate
Details
This video details the exploitation of a blind SQL injection in a PHP based website and how an attacker can use it to gain access to the administration pages. Then, using this access, the attacker will be able to gain code execution on the server by using a configuration issue.This video is a detailed walkthrough to a hacking challenge created by PentesterLab.
What you will learn?
- Blind SQL injection exploitation using time-based exploitation
- Hiding Webshell Backdoor Code in Image Files
- Gaining code execution using a PHP webshell
Requirements
- A Virtual Machine (Example: VMware Player or Virtual Box)
- From SQL injection to shell II
- from_sqli_to_shell_II.iso (64-bit, 173M, MD5: f39875aeba47ac77ea0410e7bb1b5fa9)
- from_sqli_to_shell_II_i386.iso (32-bit, 170M, MD5: 8434d28a36562b2a2f94b4753036df7f)
- A good understanding of SQL
- A good understanding of HTTP
- A basic understanding of PHP
- Yes, that's it!
Songs
- See-Saw-yasashii yoake TV-size
- A Stray child – Emily Bindinger
- Affectivity by projeqht
Kindly use the comment box below for feedbacks
– InfosecShinobi
