Learn System Hacking E5: OS Command Injection Demo

Рет қаралды 5,490

Күн бұрын

Пікірлер: 16

@JosephDelgadillo 5 жыл бұрын

Udemy - www.udemy.com/ethical-hacking-kali-linux/?couponCode=KZbin Ethical Hacking Bundle - josephdelgadillo.com/product/hacking-bundle-2017/ Holiday Course Bundle - josephdelgadillo.com/product/holiday-course-bundle-sale/

@manukumarsharma4353 5 жыл бұрын

Love you man I from India

@JohnSmith-og4tb 4 жыл бұрын

This is the second course that I have taken by this guy. Absolutely incredible!!! A great teacher of a complex subject.

@manukumarsharma4353 5 жыл бұрын

Bast work man

@kryptosploit4288 4 жыл бұрын

I have the same problem as you, at 18:20, I can not download the shell.php file, how can I fix it, my apache server is working ?!

@dmarshall5877 Жыл бұрын

yeh same to me

@CH-zw2gm 2 жыл бұрын

I ran into a few issues that I managed to resolve towards the end of the video so I'll explain the solution incase someone else has the same issue I did. 1) Issue using wget on .php files. For some reason in my terminal and on bWAPP, using wget for php files just wouldn't work, I'd get an 'ERROR 500' response in my terminal saying connection failed. What I did to get around this was changing theformat from php file to sh file (anything other than php should work) and then used wget on the new shell.sh file that contained all the php code. It fortunately worked so I tried it on bWAPP and it worked there too. I then changed the name back to shell.php from shell.sh in bWAPP using 'mv shell.sh shell.php' in the command injection bar. Everything was fine after that and running 'php -f shell.php' worked fine and metasploit responded. 2) After running 'php -f shell.php' I ran into another issue with metasploit, the issue being that the meterpreter session said 'Meterpreter session 1 closed. Reason: Died' which confused me because I followed the steps identically to the video. After countless re attempts making sure everything was copied right I realised that there must be some issue with the encoded file so I decided create a new php file without '-e php/base64'. I created it as an sh file again done all the steps in 1) and thankfully after running it the metasploit connection was secure and working perfectly. I hope this helps anyone who has run into similar issues.

@JosephDelgadillo 2 жыл бұрын

Thanks for sharing!

@DARKARMY01001 5 жыл бұрын

Thanks sir

@belanine9966 5 жыл бұрын

Hello, when I'm running the command: ;php -f shell.php . I don't receive any connection on my handler. Help please. I did everything right.

@zeynarz7614 4 жыл бұрын

check to see if the php file you downloaded using wget is empty or not

@CH-zw2gm 2 жыл бұрын

I ran into a few issues that I managed to resolve towards the end of the video so I'll explain the solution incase someone else has the same issue I did. 1) issue using wget on .php files. For some reason in my terminal and on bWAPP using wget for php files just wouldn't work, I'd get an ERROR 500 response in my terminal saying connection failed. What I did to get around this changing the name of the php file to sh (anything other than php should work) and then used wget on the new shell.sh file that contained all the php code. It fortunately worked so I tried it on bWAPP and it worked there to. I then changed the name back to shell.php from shell.sh in bWAPP using 'mv shell.sh shell.php' in the command injection bar. Everything was fine after that and running 'php -f shell.php' worked fine and metasploit responded. 2) After running 'php -f shell.php' I ran into another issue with metasploit, the issue being that the meterpreter session said 'Meterpreter session 1 closed. Reason: Died' which confused me because I followed the steps identically to the video. After countless re attempts making sure everything was copied right I realised that there must be some issue with the encoded file so I decided create a new php file without '-e php/base64'. I created it as an sh file again done all the steps in 1) and thankfully after running it the metasploit connection was secure and working perfectly. I hope this helps anyone who has run into similar issues.