Ok, my last demo the reason the LFI-RCE failed was very simple: I messed up the Apache/PHP config in LAMPP while fuzzing earlier and forgot to reset it :/
Don't worry, my next demo will be on leveraging SQLi vulns in order to gain RCE, and I have to setup a better testbox anyway.
I will be showing the manual method + SQLMap methods of doing it all, and might even get a chance to video it!
No comments:
Post a Comment