Featured Posts Coolbthemes

Sunday, 29 January 2012

Hacking tech

The vulnerability which we are about to demonstrate in my opinion is the number 1 reason why websites hacked and are exploited further to the serverlevel. When a hacker performs a SQL Injection attack on a website he needs a way to get shell level access and install the PHP backdoor so he can touch other files on server or compromise the server itself if it's vulnerable. If we could secure our uploads and restrict our upload area so that they don't allow it does not allow the upload of other files instead of images we can protect our upload area.

However there is a problem, The PHP files can still be uploaded by various methods. The most common method is by renaming the PHP backdoor to the following and then uploading the shell.
Reade more >>