Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Kali Linux - An Ethical Hacker's Cookbook Practical recipes that combine strategies, attacks, and tools for advanced penetration testing

Product type Paperback

Published in Mar 2019

Publisher Packt

ISBN-13 9781789952308

Length 472 pages

Edition 2nd Edition

Tools

Kali Linux

Concepts

Penetration Testing

Author (1):

Himanshu Sharma

View More author details

Table of Contents (15) Chapters

Preface

1. Kali - An Introduction FREE CHAPTER

2. Gathering Intel and Planning Attack Strategies

3. Vulnerability Assessment - Poking for Holes

4. Web App Exploitation - Beyond OWASP Top 10

5. Network Exploitation

6. Wireless Attacks - Getting Past Aircrack-ng

7. Password Attacks - The Fault in Their Stars

8. Have Shell, Now What?

9. Buffer Overflows

10. Elementary, My Dear Watson - Digital Forensics

11. Playing with Software-Defined Radios

12. Kali in Your Pocket - NetHunters and Raspberries

13. Writing Reports

14. Other Books You May Enjoy

Leave a review - let other readers know what you think

Exploiting PHP Object Injection

PHP Object Injection occurs when an insecure user input is passed through the PHP unserialize() function. When we pass a serialized string of an object of a class to an application, the application accepts it, and then PHP reconstructs the object and usually calls a magic method if they are included in the class. Some of the methods are __construct(), __destruct(), __sleep(), and __wakeup().

This leads to SQL injections, file inclusions, and even remote code execution. However, to successfully exploit, we need to know the class name of the object.

How to do it...

Let's perform the following steps:

Here we have an app that is passing serialized data in the get parameter, as shown in the...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Himanshu Sharma

Himanshu Sharma has been in the field of security since 2009 and has been listed in the halls of fame of Apple, Google, Microsoft, Facebook, and many more. He has helped celebrities such as Harbhajan Singh in recovering their hacked accounts. He has been a speaker at various conferences worldwide such as BotConf, CONFidence, Hack In the Box, SINCON, Sec-T, Hackcon, and numerous others. Currently, he is the co-founder of BugsBounty. He also authored multiple bestsellers titled "Kali Linux - An Ethical Hacker's Cookbook", " Hands-On Red Team Tactics" and "Hands-On Web Pentesting with Metasploit."

See other products by Himanshu Sharma