Persecure : my learning archive

,

DVWA Command Execution

Insert the victim machine IP ; pwd to check for vulnerability.

Shows the current directory

Insert the victim machine IP ; cat /etc/passwd to check for users.

List of users

Medium Security

In viewing the source code we can see that the ‘&&’ and ‘;’ characters are block.

Let’s replace these characters with a ‘ | ‘.

Insert the victim machine IP | cat /etc/passwd to check for users.

High

*To be updated*

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

Comments (

0

)

%d bloggers like this: