Advanced LFI - Part 8 - Executing PHP through auth.log

Name: Advanced LFI - Part 8 - Executing PHP through auth.log
Uploaded: Feb 13, 2017
Duration: 155 s
Description: This time we abuse the fact that the apache auth.log file executes any code inside it every time its updated. We create an ssh username that requests the standard phpinfo file and we see the file executed in the browser - via Burp Suite.

Metasploitation9.41K subscribers

1.6K views

Feb 13, 2017

2:35

This time we abuse the fact that the apache auth.log file executes any code inside it every time its updated. We create an ssh username that requests the standard phpinfo file and we see the file executed in the browser - via Burp Suite.

Download

0 formats

No download links available.