From SQL injection to Shell III

Bookmarked!

This exercise covers how to gain access to an administration interface using SQL injection followed by how to get command execution using ImageTragick

PRO Hard 1-2 Hrs. 1138 Green Badge

Course

This course teaches you how to exploit a SQL injection vulnerability in a web application to gain access to administrative pages by bypassing Multi-Factor Authentication (MFA), and then achieve code execution on the server using a vulnerability in ImageMagick.

Skills covered

Injection Authentication Operating System

Topics

SQL Injection

CWE-89

Included with PRO

Full course content 1 video Common mistakes

Ready to practice?

Get access to this lab and 600+ hands-on exercises with a PRO subscription.

Go PRO or create a free account