From SQL Injection to Shell
- This exercise explains how you can, from a SQL injection, gain access to the administration console, then in the administration console, how you can run commands on the system.
- 1 video
- Completed by 7387 students
- Takes Less than an hour on average
- SQL Injection
CVE-2007-1860: mod_jk double-decoding
- This exercise covers the exploitation of CVE-2007-1860. This vulnerability allows an attacker to gain access to inaccessible pages using crafted requests. This is a common trick that a lot of testers miss.
- 4 videos
- Completed by 5523 students
- Takes Between 1 and 2 hours on average