January 2019
Beginner
404 pages
8h 53m
English
Content preview from Becoming the HackerBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Cleaning up
As noted, once an engagement is complete, we have to make sure that we clean up any artifacts that may leave the client exposed. During this attack, we created three files that could be used to attack the client. Although it is unlikely that anyone would be able to use our Weevely shell, it is wise to remove anything left behind. The phpinfo.php test file that we've created should also be deleted. While it doesn't provide any kind of remote access, it does display information that could be used in an attack.
In the same way that we queried the MySQL variables to find out where the application resides on disk, an attacker could use the phpinfo() output to improve the success of a local file inclusion attack, as follows:
ECORP-PRD-API01:C:\xampp\htdocs\xampp ...