from_sqli_to_shell
from_sqli_to_shell
from_sqli_to_shell
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
PentesterLab.com » From SQL Injection <strong>to</strong> Shell<br />
Table of Content<br />
Table of Content<br />
Introduction<br />
About this exercise<br />
License<br />
Syntax of this course<br />
The web application<br />
Fingerprinting<br />
Inspecting HTTP headers<br />
Using a direc<strong>to</strong>ry Buster<br />
Detection and exploitation of SQL injection<br />
Detection of SQL injection<br />
Introduction <strong>to</strong> SQL<br />
Detection based on Integers<br />
Detection on Strings<br />
Exploitation of SQL injections<br />
The UNION keyword<br />
Exploiting SQL injections with UNION<br />
Retrieving information<br />
Access <strong>to</strong> the administration pages and code execution<br />
Cracking the password<br />
Uploading a Web<strong>shell</strong> and Code Execution<br />
Conclusion<br />
2<br />
4<br />
6<br />
6<br />
6<br />
7<br />
9<br />
9<br />
11<br />
13<br />
13<br />
13<br />
16<br />
20<br />
22<br />
22<br />
23<br />
27<br />
33<br />
33<br />
36<br />
40<br />
2/41