SQL INJECTION FUNDAMENTALS - Writing webshell
Sign In to comment.
Quick Links
Categories
- 4.2K All Categories
- 3K Discussion
- 1.5K Machines
- 548 Challenges
- 28 RastaLabs
- 160 Exploits
- 52 Programming
- 735 Off-topic
- 1.2K Tutorials
- 638 Writeups
- 102 Video Tutorials
- 192 Tools
- 283 Other
- 33 Links
- 33 News
Comments
Spoiler Removed
Note: https://www.nohello.com/
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
hmm spoiler removed.
Yeah - I dont know why it was flagged as a spoiler.
I haven't looked at this box, so I don't see how anything I suggest would spoil it for people.
Basically from what you've put it looks like the path would be to upload a webshell, or exploit one already there, then use the file system commands to find the thing you are looking for.
I was under the impression that the Academy was to provide more structured learning and guidance than the main boxes. I appear to have been mistaken.
Note: https://www.nohello.com/
Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.
my 2 cents, may be by this time you might already be an expert Bibichan, but for future noobs like me, the task is asking us to upload a program via the sql file; so we write a php program onto the box, and call it via the url. the name in between the [] is a variable, that you can reference in the url. for example $_REQUEST[0], you can replace this with anything and pass into the URL. so your url would become, xyz.com/0=id, and it will be executed.