Sql injection is one of the most popular web vulnerabilities that leads to theft of data around the world. In this Issue our readers will learn how to use SQLmap to not only detect sql injection vulnerability in the target but also exploiting that vulnerability to dump databases. To demonstrate this we will be using Vulnuni 1.0.1 CTF machine which can be downloaded from vulnhub. Our readers will also get to know in detail how to exploit a dirtycow vulnerability to get root. Everytime it’s not a walk on the cake. You will see why?
We will also see how to install MATE desktop in the newly released Kali Linux 2020. Kali Linux provides various desktop environments but many users missed MATE.
In the Metasploit This Month Feature we will start with a CMS Made simple remote code execution module and then we will see how a directory tarversal vulnerability in Bludit can be used to upload a malicious payload to compromise the CMS.
Then readers will see how chpass privilege escalation exploit works in OpenBSD. Yes, the same open source operating system that is used in network appliances and servers worldwide. Windows 10 is seeing lot of privilege escalation vulnerabilities recently. In this Issue we will see two such exploits. One uses the dotnet profiler and the second one uses the sdclt.exe process to bypass and grab a system shell.
In the Metasploitable Tutorials, we will be introducing you to the infamous caidao web shell. This is the same web shell that was used and may be still being used by the Chinese hackers (APTs).
In order not to miss an Issue, please Subscribe to our Magazine. Also check out our software repository where we provide vulnerable software for testing and also other required material for our hacking challenges.