White Badge
4719 Completed
14 Videos
6 Exercises
Easy

From SQL Injection to Shell
- This exercise explains how you can, from a SQL injection, gain access to the administration console, then in the administration console, how you can run commands on the system.
- 1 video
- Completed by 7161 students
- Takes Less than an hour on average
- PHP/Apache/Mysql
- SQL Injection
- CWE-89
Easy

CVE-2007-1860: mod_jk double-decoding
- This exercise covers the exploitation of CVE-2007-1860. This vulnerability allows an attacker to gain access to inaccessible pages using crafted requests. This is a common trick that a lot of testers miss.
- 4 videos
- Completed by 5372 students
- Takes Between 1 and 2 hours on average
- Tomcat/Apache
- CWE-22