sQuo Posted September 16, 2013 Share Posted September 16, 2013 Programs used: Backtrack 5 RC2 Symlink Bypass user by zarabyte MySQL Interface Shell GNY Shell ZaraByte File Uploader This video is to demonstrate how a hacker can hack a shared server using a Symlink Bypass. The attacking can read configuration on other users who are hosting on the same server as the compromised website. First the attack needs to find a vulnerable website so he can get shell to the server to upload the symlinks bypass tool From there the attack has to locate the other users on the same server and then try to figure out where or if there is a configuration ex; wp-config.php It will then open the config.php and save the inside of the config.php as a txt file. From there the attacker would be able to access the victims SQL data base and change the information. ZaraByte - Symlink to bypass User This is the hidden content, please Sign In or Sign Up MySQL Interface Shell This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts