PHP Shells PentesterLab & DVWA

WE RECALL THAT ALL THE TECHNIQUES SHOWN HEREBY ARE WELL DESCRIBED ON THE NET, YET WE PERFORMED BY OURSELVES STEP BY STEP ALL THE LABS DEMONSTRATED IN THIS BLOG, MTIBAA Riadh

PHP Web Shells in Forensic Analysis

Backdoor scripts,

Uploaded on web servers,

Illegitimate access (read/write/edit/delete).

1. Simple Backdoor Shell

John Troon,

Remote code execution.

2. qsd-php Backdoor Shell

Daniel Berliner,

Platform to execute system command.

3. PHP-reverse shell

Pentestmonkey,

Outbounds TCP connection from server to host,

Attaches shell to TCP connection,

Runs interactive programs (telnet/ssh).

4. MSFvenom based PHP Backdoor Shell

5. Weevely Shell

Simulates Telnet.

6. PHPbash shell

Internet shell,

Arrexel.

Comments

Exploitation of the OS Command Injection Threat in bWAPP

In this tutorial is based in literature and tools widely available in the Internet, we did perform all the steps by ourselves, hope useful, 1. Introduction 2. Firefox configuration 3. bWAPP Cookie Interception by Burp Suite 4. Attack with Commix to Establish a Shell

export/import mongo databases/collections

Here, I show step by step how to create a localhost mongo database using the mongo shell, then we transfert that database to our Cluster within the Cloud Mongo Atlas, 1. mtibaa_db_01 Mongo Database Creation with Collection locations 2. Export mtibaa_db_01 Locally into a JSON File 3. Import mtibaa_db_01 into the MTIBAARiadhTrainingCluster in Mongo Atlas

Every day computer working stuff

Search This Blog