Escalation of Privilege: Website Vulnerabilities
Privilege escalation is referred to as privilege escalation . Since the operating system is a multi-user operating system , users have permission control . For example, the permissions obtained through Web vulnerabilities are Web process permissions. Often, Web services are started with an account with very low permissions. Therefore, some operations through the Webshell will be restricted, which requires it to be elevated to administrative or even System privileges. Privileges are usually escalated through operating system vulnerabilities or misconfigurations of the operating system, or through third-party software services, such as database or FTP software vulnerabilities.
Table of contents:
Architecture of Website Vulnerability Elevation of Privilege:
Ideas for finding website vulnerabilities:
Step 2: Reproduce the vulnerability.
SQL injection: https://tianyuk.blog.csdn.net/article/details/122903983
XSS vulnerability: https://tianyuk.blog.csdn.net/article/details/123396714
File upload vulnerability: https://tianyuk.blog.csdn.net/article/details/122911968
SSRF vulnerability: https://tianyuk.blog.csdn.net/article/details/123251482
Command Execution Vulnerability (RCE): https://tianyuk.blog.csdn.net/article/details/122916853
Unauthorized access vulnerability: https://tianyuk.blog.csdn.net/article/details/123625299
XXE vulnerability: https://tianyuk.blog.csdn.net/article/details/123287496
PHP deserialization vulnerability: https://tianyuk.blog.csdn.net/article/details/123691784
The file contains vulnerabilities: https://tianyuk.blog.csdn.net/article/details/122822095
IIS parsing vulnerability in middleware: https://tianyuk.blog.csdn.net/article/details/124212767
Disclaimer:
It is strictly forbidden to use the technology mentioned in this article to carry out illegal attacks, otherwise the consequences will be at your own risk, and the uploader will not bear any responsibility.
Website authority: (obtaining methods: the above three ways to obtain)
View or modify the source code of the program, read the configuration files of the website or application (interface configuration information, database configuration information, etc.), and collect information related to the server operating system to prepare for subsequent system privilege escalation.
Architecture of Website Vulnerability Elevation of Privilege:
Ideas for finding website vulnerabilities:
Step 1: Collect various information about the website. ( For example: Nessus, AWVS, AppScan, Netsparker, X-Scan, find server type vulnerabilities, etc. )
Detailed information collection (relevant data query can be performed after collecting sensitive information, and then penetration testing): https://tianyuk.blog.csdn.net/article/details/123852687
Step 2: Reproduce the vulnerability.
SQL injection: https://tianyuk.blog.csdn.net/article/details/122903983
XSS vulnerability: https://tianyuk.blog.csdn.net/article/details/123396714
File upload vulnerability: https://tianyuk.blog.csdn.net/article/details/122911968
SSRF vulnerability: https://tianyuk.blog.csdn.net/article/details/123251482
Command Execution Vulnerability (RCE): https://tianyuk.blog.csdn.net/article/details/122916853
Unauthorized access vulnerability: https://tianyuk.blog.csdn.net/article/details/123625299
XXE vulnerability: https://tianyuk.blog.csdn.net/article/details/123287496
PHP deserialization vulnerability: https://tianyuk.blog.csdn.net/article/details/123691784
The file contains vulnerabilities: https://tianyuk.blog.csdn.net/article/details/122822095
IIS parsing vulnerability in middleware: https://tianyuk.blog.csdn.net/article/details/124212767
Step 3: After the vulnerability is reproduced successfully, you can operate the relevant files.