lobichocolate.blogg.se

Use gifsicle malicious image

For those who are not aware of the site, Vulnhub is a well-known website for security researchers which aims to provide users with a way to learn and practice their hacking skills through a series of challenges in a safe and legal environment. In this article, we will try to solve the machine BilluBox, which was posted on 21st April 2017 by Vulnhub. The aim of this challenge is to gain root privilege through a web application hosted on the machine. In this walkthrough, we will be closely exploring the following vulnerabilities:

  1. Executing malicious PHP code from an image file

The download URL of this virtual machine is given in the references.

As given on the website, this page is vulnerable to SQL Injection. So, I tried SQL injection on the username and password, but I did not find anything. After spending some time, I decided to run various scanners such as Burp Suite Scanner, SQLmap, etc. on this login page, but I did not find anything on the login page. After that, I ran DirBuster against the target host. This way I could explore the files on the server.

I started by requesting the pages and analyzing the responses. I quickly intercepted the request in Burp to add the file parameter. As this was a GET request, I had to change it to POST and add the parameter value. After that, I tested the parameter for vulnerabilities. After changing the request method, I got a different response from the target machine, which encouraged me to explore it further. It can be seen in the below screenshot. After spending a few minutes, I got to know that the file parameter was vulnerable to Path Traversal. So, I extracted the password file from the server. It can be seen in the screenshot given below.

So, I decided to check the source code of the files. First of all, I checked the source code of the index.php file. During the initial analysis, I found two more files which were included in the index.php file. In the c.php file, I found the database credentials. It can be seen in the below screenshot. As I had found the PHPMyAdmin URL while running DirBuster, I used these credentials to log in to PHPMyAdmin. As can be seen in the above screenshot, the credentials were stored in clear text in the database. So, I could easily take these credentials for login. However, there was a message on the login form, "Show me your SQLI skills", so I decided to bypass the login form instead of using this method. So, I started to analyze the source code of the index.php file, which was found through the path traversal. The source code of the file can be seen in the below screenshot. This was the source code of the index.php file. However, only a few lines of this code are interesting, as they could be responsible for SQL Injection. The code can be seen in the highlighted section of the screenshot. The PHP code takes two parameters from the POST request.