So far in this course, we have seen how to discover and exploit a large number of vulnerabilities.
We seen how we can exploit these vulnerabilities, such as ESKIL injections, full inclusion and code
execution and even file upload and get a reverse shell so that we'll actually have access to the server
itself.
And the file upload example, we were able to upload a weekly show, which gives us a lot of capabilities
and a lot of features.
In simpler examples like the code execution and in the ESKIL injection, we only managed to get a reverse
shell.
So in this section we're going to see how we can interact with the reverse shell, with Waverly's shell,
and we'll see what can we do now that we actually have access to the target server.
So I'm going to start with the reverse shell, because it doesn't give us as much capabilities as we
believe and then we'll see how we can escalate that to a weekly shell and then we'll see what we can
do after that.
So first of all, here, I'm just going to listen on part eight eight eight eight.
And so that I just want to get a reverse connection on this computer now, I'm going to get my IP by
running if config.
And my IP is 10, 20, 14 to 13.
So I'm just going to go to my DPW and exploit the code execution vulnerability just so that we can have
a reverse shell and then we'll see how we can interact with it.
So I'm going to do this quickly because we've already spoke about it in the code execution lecture.
So I'm just going to set the security level to low.
And then go on the command execution.
Make this bigger.
And as you remember, we used to put an IP address.
I'm just going to put anything.
And the semicolon and then the code that we want to run and I want to get a connection using that,
so I'm going to do see.
And then put the port.
Now, this is the same code that we used in the Ezekial injection, we on Europe, this code.
It's the same code that we used with the file inclusion vulnerabilities as well.
So we'll actually be getting the same access as what we're getting in here when we exploit the other
vulnerabilities, the scale injection and the local file inclusion.
So if we go here.
Now we actually have a complete bombshell so we can run any Bush commands, we want the exact same commands
that we've seen in the Linux basic section at the start of this course.
Now, in all of the previous lectures we used to stop, once we get to this point and in the final upload,
as I said, we got a weekly shell, which gives us more, more capabilities.
So for the first thing, I'm going to teach you, what can you do now with this access, with their
virtual access?
Then once we know what you can do that we're going to see how you could escalate this and convert it
to a weekly shell, which allows you to get do more attacks or allow you to do more things on the target
computer.
Once we have a weekly shell, so will be at the same level at as what you would gain when you exploit
a file upload vulnerability.
We'll see.
What could you do with that?
So you you learn a large number of powerful attacks like running system commands.
Even if there is security on the target server, you'll learn how to navigate to other websites on the
same server, read, upload and download files, accessed the database and bypass security measurements
that might prevent you from doing these things.
So in the next lecture, I'm going to start from here and we're going to keep building up on our access
and we'll see what can we do on the target server.