Hiển thị các bài đăng có nhãn SSI. Hiển thị tất cả bài đăng
Hiển thị các bài đăng có nhãn SSI. Hiển thị tất cả bài đăng

Thứ Sáu, 30 tháng 11, 2012

SSI (server side include) injection, shell and deface Page uploading tutorial

SSI (server side include) is a web application exploit, you can put your codes remotly to vulenrable websites,
Server-side Include allowed you to upload files in multi extentions, but in .php extention you can't excute your shell, you have to rename shell.txt to shell.php
Lets Begin...
READ MORE »
Người đăng: vào lúc Không có nhận xét nào:
Nhãn: , , , ,

SERVER-SIDE INCLUDES (SSI) INJECTION


SERVER-SIDE INCLUDES (SSI) INJECTION | Juno_okyo's Blog
It is a web attack were a remote attacker can execute commands on the server remotely, SSI Injections are used to execute some content before the web page is loaded or before the web page displayed to the user. SSI are exploited by injection mailicious codes in HTML web pages.

SSI Injection is a bit similiar to XSS attacks, we check the website, if its vulnerable or not by executing codes/commands in the search boxs, headers, cookies like we do in the case of XSS.
READ MORE »
Người đăng: vào lúc Không có nhận xét nào:
Nhãn: , ,
Đăng ký: Bài đăng (Atom)