RCE allows an attacker to execute code on a vulnerable machine and the CVSS severity level of RCE is critical (well what more do you need than that?)

Image Credits: Google

Note: Check out this blog for more PHP Pwning and to learn why PHP is targeted.

System:

Similar to the system() function in C, system() in PHP executes its argument as a shell command on the machine. If user input is passed into it, this leads to code execution.

<?php
// Vulnerable: the cmd query parameter is passed unsanitized straight to the shell
$cmd = $_GET['cmd'];
system($cmd);
?>

http://www.example.com/?cmd=command


Challenges: Sessions, Dababy web

1. Sessions:


I used to think that if a device is not exposed to the public internet, it is safe, because bad actors cannot access it as it sits behind NAT (Network Address Translation) and a firewall. Well, let us uncover the truth.

Note: A bit about me: I have been hacking for a while now and have gained some good knowledge of web security. To feed my curiosity I have decided to read all the Web Techniques nominated by PortSwigger. This blog series will contain my takeaways from my learning.
https://portswigger.net/research/top-10-web-hacking-techniques-of-2020

This blog is not intended for complete…


Ever wondered what will happen if a billion “lol”s get processed in memory?
The answer is that it will crash the server or consume a large chunk of the available resources. Read on to find out how.

Image Credits: Google

XML Parser:

XML (Extensible Markup Language) is a meta markup language that is very widely used. It played a huge role in creating the dynamic web we use today (AJAX). XML was the JSON of the AJAX era.

In XML, entities are a way of representing an item of data within an XML document instead of using the data itself. …


GraphQL is getting popular day by day. Currently, it is being used by tech giants like Facebook, Twitter, Github, and many more. In this blog, we will explore what GraphQL is and how to test GraphQL endpoints for vulnerabilities.

Image Credits: Google

What is GraphQL:

GraphQL is a query language for APIs designed to provide a more efficient, powerful, and flexible alternative to REST. It is based on declarative data fetching, that is, the client specifies exactly which data it needs from the API. Instead of multiple API endpoints (REST), GraphQL exposes a single endpoint that provides the client with the requested data.

GraphQL vs REST:


PHP is one of the most widely used languages for web development (more than 60%), which makes it one of the most targeted.

image credits: google

Also, PHP websites are common in CTFs because it is easy to write vulnerable code in PHP.

Local File Inclusion (LFI) exists in websites that do not properly sanitize input, which allows an attacker to include sensitive files from the server.

Remote File Inclusion (RFI) occurs in websites that dynamically reference external files without checking them.

RFI vs LFI:

Remote File Inclusion and Local File Inclusion are not the same. In LFI, the attacker uses a file that is…


DOM clobbering is a technique to escalate HTML injection to XSS, which has a high impact.

image credits: portswigger

Note: DOM clobbering is a niche technique; to understand it you should have basic knowledge of the DOM, HTML, and JavaScript. This blog explains only DOM clobbering; you can learn the basics of the DOM, HTML, and JavaScript through these links:

https://en.wikipedia.org/wiki/Document_Object_Model

HTML Collection:

HTML is a very lenient language: browsers make sure the code is error-free (up to an extent). For example, the browser automatically closes all the tags that were left open.

Actual code by developer:

<h1>Page not found 404 error <a href="/"…


$ sudo rm -fr /

This is a secret command used to save storage space in Linux, try executing it on your company's production server.

GIF credits: giphy.com

That's a lie, don't execute it!!!!!!!!

It is a command that deletes every file, including OS files, recursively from the root directory down to each individual file (in a way it does save storage space, XD). Now that you know what this command is capable of, you will not execute it anywhere, but what if someone tricked you into doing so?

Now imagine: you want to install tmux on your Ubuntu machine but you forgot the package name, so you google it and end…


Image source: Youtube

This is a scene from the Mr Robot TV series (Season 1, Episode 2) in which Elliot Alderson hacks into an e-mail server owned by a huge corporation by exploiting a vulnerability called Shellshock.

Mudhalai Mr

<>AKA Gowtham Student at SASTRA Deemed university, Core team member DSC SASTRA </>
