Professional Documents
Culture Documents
https://www.youtube.com/watch?
v=PaB17Cc0dUg&list=WL&index=1&t=671s
I used DVWA in tryhackme in kali and used open VPN.
Position - Double click on the values of the credentials and select ‘add’
From payloads select ‘cluster bomb’ (it tries all combinations of username and password)
Payload – from list select ‘runtime list’ and add a txt file for users and password.
Go to page source to copy the text of the error and add it. it helps to interpret the results (1,1 etc.)
Csrf
CHANGE PSWD AND COPY ITS URL
Command Execution
Command injection or also known as Remote Code Execution in terms of web
exploitation, can be possible to a certain website accepts added strings of characters or
arguments; the inputs are used as arguments for executing the command in the website’s
hosting server.
https://www.youtube.com/watch?v=jmMbPbZjW40