LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.

Start free trial Sign in

From the course: Complete Guide to Penetration Testing

Unlock the full course today

Join today to access over 24,700 courses taught by industry experts.

Exploiting your way into the gym

Exploiting your way into the gym

From the course: Complete Guide to Penetration Testing

Start my 1-month free trial Buy for my team

Exploiting your way into the gym

“

- [Instructor] Let's take a look at this gym management system, which we can download from the sourcecodetester site shown here. This is a standard website which runs on a LAMP stack system. I've downloaded and unzipped this application. We can see this is a PHP website, and if we have a look in the database folder, we can see the setup script for it. The installation instructions require us to set up the application by importing this setup script. In addition, we need to modify the dbconnect.py script and update it with our privileged SQL user credentials. I've done this already, so let's go take a look at it. 192.168.1.176/gym1. Okay, we're asked to enter credentials. Our first exploit will be the obvious one. We'll run an SQL injection by entering the user account as quote space or one equals one hash, and we've logged in as the administrative user. There's a slightly more advanced version of the gym management system that we can find at this site, and this particular variant has…

Contents

- (Locked)
  
  Next steps
  
  1m 11s