Bruteforce (III): attacking a WEB server with HYDRA.Bypassing Client Side JavaScript Validation.Command Injection (I): Attacking unsanitized PHP f.Command Injection (II): Reverse shell connection w.Command Injection (III): Webshell -> php-backdoor.php.Command Injection (IV): Webshell -> Msfvenom / Me.NetCat (nc ) has two options (-c and -e), considered dangerous by the program itself, that execute commands remotely: First, let check that ci.php (allows Command Injection due to lack of input sanitization, as seen at previous exercise) is available at the victim side Metasploitable's web server folder /var/www:
The tool (NetCat) is usually present in most of the Linux/Windows machines.No need of writable permissions over the web server folder on the victim's side.No file is uploaded to the victim so the detection rate would be low.Three of the most interesting characteristics of this attack are: Now, the goal is to perform a Command Injection attack from the web browser of the attacker Kali Linux against a victim Metasplotaible, injecting NetCat commands: This exercise is based on the previous one: COMMAND INJECTION (II): REVERSE SHELL CONNECTION WITH NETCAT