Description: This is a detailed video with voice ( english ) show you how to find and exploit sql injection in custome php application and then jailbreak Lshell and use mysqld to get root ( No Local Kernel Exploit )
hope you enjoy it and learn from it
Ninja-Sec
Ninja-Sec.com
Tags: jailbreak , Local , Kernel , Exploit , sql , injection , ninja-sec.com ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
nice one! =) learnt alot. :)
thanks :)
nice work and thx 4 sharing. just a hind: why downloading a long script for the iptables part if you can run commands via mysql? would have been easier to just create a file in userland of john/robert, called it iptables.sh, edited it with vim like "1.LINE: #!/bin/bash 2.LINE iptables -F" chowned it to 755 and executed it via mysql like "SELECT sys_exec("cd /tmp && chown 755 iptables.sh && ./iptables.sh");". Think this would have saved some time ;)
thanks jfr, i didn't do that in video so people can comment and advice me :)
thanks very much for your advice
regards
Thank you :)
Gonna try that out.