Insecure PUT method to Meterpreter

Hello guys. Today I will describe another way to compromise a remote system. We are going to exploit vulnerable HTTP methods PUT to gain access over the web server. Before starting we need to understand following topics. HTTP Methods: HTTP defines a set of request methods to indicate the desired action to be performed for […]

File Inclusion to Meterpreter

What is File Inclusion vulnerability? File inclusion vulnerability is a type of vulnerability that is most commonly found to affect web applications that rely on a scripting run time. This issue is caused when an application builds a path to executable code using an attacker-controlled variable in a way that allows the attacker to control […]

File upload vulnerability to Meterpreter

Vulnerability Name: Arbitrary file upload vulnerability in DVWA frame work in “low” section. System Specification: Victim – Windows XP SP2 [IP: 192.168.24.131] Attacker – Kali Linux 2.0 [IP: 192.168.24.133 PORT: 4444] Success Criteria: Following two conditions are mandatory for exploiting file upload vulnerability – Attacker can upload any file (including .php, .asp, .aspx etc) Attacker […]