Ok. So I wrote a short article yesterday showing off a few reverse shell tricks and demoing them on a vulnerable web app using a Command Injection vulnerability.
Some people were asking "why it so basic?" and here is why: The idea of the article is not to provide script kids/blackhats with new info - it is well known - but to demonstrate how one can go from a small PHP bug to a full blown reverse shell.
I will be working up SNORT IDS Signatures for them all based on how they throw a shell back, just have to get some nice .pcaps of it first. I plan to also find a way to "signature" the IDS evading shellcode I wrote - and so kind of have an "arms race" with myself...
Article on Insecurety.net
No comments:
Post a Comment