Forensic Analysis with bWAPP

An attempt to show step by step some forensic analysis targeting bWAPP, the attacks are widely described on the net

1. Forensic Analysis Preparation

Comments

Unrestricted Upload File Vulnerability bWAPP

We present a step by step guide for testing the Unrestricted Upload File Vulnerability in bWAPP, we did perform the lab ourselves based on widely available literature on the net, 1. Introduction 2. Step 1 : php backdoor creation 3. Step 2 : meterpreter exploit configuration 4. Step 3 : connection to bWAPP server 5. Step 4 : php backdoor upload to the bWAPP server 6. Step 5 : php backdoor activation 7. Meterpreter session exploitation

Exploitation of the OS Command Injection Threat in bWAPP

In this tutorial is based in literature and tools widely available in the Internet, we did perform all the steps by ourselves, hope useful, 1. Introduction 2. Firefox configuration 3. bWAPP Cookie Interception by Burp Suite 4. Attack with Commix to Establish a Shell

PHP Shells PentesterLab & DVWA

WE RECALL THAT ALL THE TECHNIQUES SHOWN HEREBY ARE WELL DESCRIBED ON THE NET, YET WE PERFORMED BY OURSELVES STEP BY STEP ALL THE LABS DEMONSTRATED IN THIS BLOG, MTIBAA Riadh PHP Web Shells in Forensic Analysis Backdoor scripts, Uploaded on web servers, Illegitimate access (read/write/edit/delete). 1. Simple Backdoor Shell John Troon, Remote code execution. 2. qsd-php Backdoor Shell Daniel Berliner, Platform to execute system command. 3. PHP-reverse shell Pentestmonkey, Outbounds TCP connection from server to host, Attaches shell to TCP connection, Runs interactive programs (telnet/ssh). 4. MSFvenom based PHP Backdoor Shell 5. Weevely Shell Simulates Telnet. ...

Every day computer working stuff

Search This Blog