Server Exploit (local exploit)
This time I will write about the exploit servers, the exploit I do over the web is there in, and the web has vulner. I did the following steps:
First, I did a scan of the web to find out what applications are used, and I get the web using wordpress and xampp server applications, since both use the latest version so I do not get vurner.
Second, I find that there are vulner used in gadgets, and I found a gadget for the vulner ping an ip, after my tests I found that I can run a variety of commant therein.
Third, I wrote commant that serves to download a backdoor that I had prepared. and my backdoor successful entry into the web.
Fourth, after a backdoor embedded it is time to find where the location of the embedded backdoor, it's not hard to do because we can use the vulner commant execution had to look for it. after found it, I open the backdoor.
until here we have installed a backdoor on the web, and it is time to install a backdoor on the system.
Fifth, I find out the kernel used by the system and then find suitable local exploits in exploit-db, and I found it.
Sixth, I run the local exploit that I have gained so that I gain root access,,,,,,
as we have seen, root access can do anything, including open ports so that we can back to a system through the backdoor without the web.
First, I did a scan of the web to find out what applications are used, and I get the web using wordpress and xampp server applications, since both use the latest version so I do not get vurner.
Second, I find that there are vulner used in gadgets, and I found a gadget for the vulner ping an ip, after my tests I found that I can run a variety of commant therein.
Third, I wrote commant that serves to download a backdoor that I had prepared. and my backdoor successful entry into the web.
Fourth, after a backdoor embedded it is time to find where the location of the embedded backdoor, it's not hard to do because we can use the vulner commant execution had to look for it. after found it, I open the backdoor.
until here we have installed a backdoor on the web, and it is time to install a backdoor on the system.
Fifth, I find out the kernel used by the system and then find suitable local exploits in exploit-db, and I found it.
Sixth, I run the local exploit that I have gained so that I gain root access,,,,,,
as we have seen, root access can do anything, including open ports so that we can back to a system through the backdoor without the web.
Comments
Post a Comment