Description: This video is part of the Hack of the Day series on SecurityTube. You can watch older videos using this link: http://securitytube.net/tags/hod
In this video, we look at a standard Command Injection vulnerability in a web application and see how can get a meterpreter shell on the box. The idea to do the hack is similar to how you would upload and get a web shell on a box. Here are the steps:
1. Create a php file using msfvenom and the php/meterpreter/reverse_tcp payload
2. Remove the guard '#' from the php file
3. Serve the file using a webserver - I use Python -m SimpleHTTPServer
4. In the command injection vulnerable form element - using wget to fetch the php file from the attacker server
5. Verify file has been uploaded
6. Create a exploit/multi/handler for the payload
7. Run the php meterpreter script on the vulnerable server by referencing it directly via a URL
If all goes well, you should have a meterpreter on the box :)
Questions: 1. Can someone create a quick demo of DVWA using the same principle?
2. In the video "getuid" gave us "www-data".Is privilege escalation possible? How?
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.