1
00:00:01,960 --> 00:00:09,180
So I just want to highlight why a injections are so important and so dangerous the reason behind that

2
00:00:09,240 --> 00:00:15,450
is they are found you can find them everywhere and you play a lot of places a lot of big websites have

3
00:00:15,450 --> 00:00:21,930
these kind of exploits and like things like Yahoo Google had them it's they're very hard to protect

4
00:00:21,930 --> 00:00:31,150
against and it's very easy to make a mistake to make these exploits available for exploitation.

5
00:00:31,260 --> 00:00:36,810
The other reason that they're very dangerous is that they give you access to the database in many scenarios

6
00:00:36,810 --> 00:00:43,780
if you find an S kill injection you really don't need to upload a BHP shell or get a reverse connection.

7
00:00:43,860 --> 00:00:48,730
There is really no point of uploading stuff and then increasing the danger of being caught.

8
00:00:48,840 --> 00:00:53,790
Cause if you have access to the database as we see in here you pretty much have everything you need.

9
00:00:53,790 --> 00:00:58,980
You have user names passwords you can log in with normal user name and password as a normal user or

10
00:00:58,980 --> 00:01:04,260
you can if you're looking for sensitive data we can see that we've had access to credit cards you pretty

11
00:01:04,260 --> 00:01:09,810
much can do anything you want so it's there is really no point of trying to further exploit the system

12
00:01:09,810 --> 00:01:13,790
if you found an astral injection bingo like that's that's all you need really.

13
00:01:14,010 --> 00:01:19,800
In many scenarios we actually use a BHP shell to gain access to the database and see if we can read

14
00:01:19,800 --> 00:01:24,940
it like say for example if you manage to upload a BHP shell on the server on the server other methods

15
00:01:25,030 --> 00:01:28,160
portable but then you couldn't access the database you.

16
00:01:28,170 --> 00:01:29,550
There isn't much that you can see.

17
00:01:29,550 --> 00:01:35,250
You can't see credit cards you can see username and passwords you really catch the eye you have control

18
00:01:35,250 --> 00:01:37,820
over the server but you can't read stuff.

19
00:01:38,040 --> 00:01:44,780
So sometimes when you upload a BHP shell the next step is I need to gain access to the database.

20
00:01:44,960 --> 00:01:46,320
Another thing is the.

21
00:01:46,430 --> 00:01:48,330
They can be used to do many things.

22
00:01:48,350 --> 00:01:53,990
So if you find if you manage to find an Eskil injection in a Web site that is not your target.

23
00:01:54,020 --> 00:01:57,300
So it's not the one that you're targeting but it's in the same server.

24
00:01:57,440 --> 00:02:00,640
Then you can use it to read files outside the WW route.

25
00:02:00,710 --> 00:02:06,500
So similar to file inclusion vulnerabilities you can use it you can use the admin the user name and

26
00:02:06,500 --> 00:02:12,020
password for the admin and see if you can upload stuff usually the admin can upload a lot of things

27
00:02:12,020 --> 00:02:17,210
instead of just images and then you can upload a BHP shell or a back there from there and then from

28
00:02:17,210 --> 00:02:26,390
there navigate to your target computer or to the Target's website sorry or you can actually in some

29
00:02:26,390 --> 00:02:32,890
cases you can use it to upload IPH Richelle you can use as an Eskil injection to upload a BHP show.

30
00:02:32,900 --> 00:02:37,070
So basically shell injections can be used as file inclusion vulnerabilities.

31
00:02:37,070 --> 00:02:43,570
They can be used as file upload vulnerabilities and also they'll give you access to the whole database

32
00:02:43,580 --> 00:02:47,030
that's why they are very very dangerous and very useful.

33
00:02:47,030 --> 00:02:48,200
If you manage to find one.