摘要:
REMOTE FILE INCLUSION Similar to local file inclusion. But allows an attacker to read ANY file from ANY server. Execute PHP files from other servers o 阅读全文
摘要:
LOCAL FILE INCLUSION Allows an attacker to read ANY file on the same server. Access files outside www directory. Try to read /etc/passwd file. 1. We k 阅读全文
摘要:
CODE EXECUTION VULNS Allows an attacker to execute OS commands. Windows or Linux commands. Can be used to get a reverse shell. Or upload any file usin 阅读全文
摘要:
EXPLOITATION -File Upload VULNS Simple type of vulnerabilities. Allow users to upload executable files such as PHP. Upload a PHP shell or backdoor, ex 阅读全文
摘要:
INFORMATION GATHERING IP address. Domain name Info. Technologies used. Other websites on the same server. DNS records. Unlisted files, sub-domains, di 阅读全文
摘要:
How to hack a website? An application installed on a computer. ->web application pen-testing A computer uses an OS + Other applications -> server-side 阅读全文
摘要:
PIVOTING Use the hacked device as a pivot. Try to gain access to other devices in the network. Tool: Metasploit - AUTOROUTE Module Target: Metasploita 阅读全文