PHP CGI Remote Code Execution - Low Security Level
Solution:
Step 1. On the lesson page click on admin, a new window will pop up with php details
Step 2. Click on exploit, a new window will pop up with url:
http://cve.mitre.org/cgi-bin/cvename....
Select - URL:http://www.kb.cert.org/vuls/id/520827 and go through the Description
Step 3. Go to the lesson page and reclick on admin, a new window will pop up with php details
Step 4. Replace phpinfo.php with ?-s as shown in the video
Step 5. Add below payloads to the url and check the output
?-dauto_prepend_file%3d/etc/passwd+-n
Explore the lesson with other exploits (Not covered in this video).
PseudoTime
On this page of the site you can watch the video online bWAPP PHP CGI Remote Code Execution with a duration of online in good quality, which was uploaded by the user PseudoTime 18 April 2022, share the link with friends and acquaintances, this video has already been watched 1,818 times on youtube and it was liked by 10 viewers. Enjoy your viewing!