SQL injection and File upload RCE - Gallery TryHackMe
HTML-код
- Опубликовано: 3 июл 2024
- #redteaming #pentesting #career #ctf #metasploit
Hey what’s up? In this video, I will h4ck a linux machine from a vulnerable web application to rce, then privilege escalation and gain root access. You will learn how to perform port scanning, exploit vulnerable file uploads, do code review, get a reverse shell and upgrade it using python, post-exploitation enumeration, and privesc to two users.
00:00 - Intro
00:42 - Running services
01:42 - Discover the app
02:28 - Login bypass
03:15 - Admin account compromise
04:18 - File Upload vulnerability
05:30 - Deeper look
06:24 - Filter gibberish out
08:36 - Tinkering with the request
10:46 - Working PoC
🚀 🔥 Become a pentester
academy.thehackerish.com/p/fr...
📙 Learn the technical skills:
thehackerish.com/best-hacking...
📙 Become a successful bug bounty hunter: thehackerish.com/a-bug-bounty...
🆓 Download your FREE Web hacking LAB and starting hacking NOW: thehackerish.com/owasp-top-10...
🌐 Read more on the blog: thehackerish.com
💪🏻 Support this work: thehackerish.com/how-to-support
- Facebook Page: / thehackerish
- Follow us on Twitter: / thehackerish
- Listen on Anchor: anchor.fm/thehackerish
- Listen on Spotify: open.spotify.com/show/4Ht8jEb...
- Listen on Google Podcasts: podcasts.google.com/?feed=aHR...
Amazing. thanks !