Now, I am learning into a web, put the backdoor, and exploit the system.
there is a lack of web vulnerabilities in both the file upload, the upload feature is already filtered, so it can only upload jpeg files.
I use Burp suite, then to intercept and replace it, so in addition to jpeg files can be uploaded.
backdoor.php I upload, so that the web is already my the backdoor.
then I go into the backdoor, and try to exploit the system.
I am very much a reference, using Exploitation in www.exploit-db.com, etc.. I tried to use various exploits to exploit to the kernel, and it turns out, the kernel of the system is already in the patch, making it more likely for her exploits of the kernel is very small.
My suggestion: in exploiting system, not just the kernel that can exploit, but could be from the application side, and its developer.
No comments:
Post a Comment