Remote Server Setup for Web Development

Remote Server Setup for Web Development

I personally use a remote server for my web development. And you should use one too. Now you must be thinking why on earth you would want a remote server when you can code perfectly on your personal computer? Well, I have plenty of reasons. And few of them are listed below. No need of installing tons of software on your personal computer. Less Software means less load on your PC. Just one click and your code will already be uploaded…

Read More Read More

CTF – FristiLeaks 1.3 vulnhub – Walkthrough

CTF – FristiLeaks 1.3 vulnhub – Walkthrough

Introduction FristiLeaks 1.3 is an offline Capture the Flag-Style Virtual Machine created by Ar0xA. I managed to solve this challenge today and here is what I did. Goals Get Root Read the flag file. Starting the Hack On initializing the virtual machine, this screen popped up and gave some useful information. I didn’t have to dig up further for the IP Address of the machine. IP address: 192.168.0.102   Finding the services. To find the active services on the VM, I fired up…

Read More Read More

Build your next PHP project the organized way

Build your next PHP project the organized way

Everyone like to keep their things in order, so they’re easier to understand, sort through and manage. Same thing applies for web projects. When starting a php/html project, it might be a very abstruse act, figuring out how you can organize your project files the best possible way. If you’ve ever been confused with where to place your images, css, external libraries or keeping your logic files from layout or template files, then there are a few tips I have for you. If you…

Read More Read More

Basics of SQL Injection Attacks

Basics of SQL Injection Attacks

What is SQL Injection? SQL Injection is a Code Injection technique to attack Data-driven applications. Despite being around for many years, SQL Injection (SQLi, for short) is still a hugely dominant security flaw in web applications. An attacker can send SQL Queries as a part of the command or input parameters. Through SQL Injection attacker can obtain unauthorized access to a database and he might be able to create, read, update, alter, or delete data stored in the back-end database. Although SQL injection…

Read More Read More

[Bypass] MySQL Error: illegal mix of collation

[Bypass] MySQL Error: illegal mix of collation

Collations and character sets enable MySQL to do a comparison of the strings and this error probably come when you try mixing different collations/character sets in a select statement. If you have no idea about SQL Injection consider reading the Basics of SQL Injection first. What you can do to solve the problem and get rid of this error? Well, you can solve this error by changing the default values of collation/ character sets of the database you are working with…

Read More Read More

Bypass PHP Disabled functions for Executing Shell commands.

Bypass PHP Disabled functions for Executing Shell commands.

Hello, This is my first post since I have started this blog. Let’s start by imagining our scenario. We have a target server with a PHP shell access which doesn’t let us execute commands.  So let’s start by discussing how a command is executed using PHP normally. We all know there are certain PHP functions to carry out commands. A smart server admin will always keep them disabled unless A legitimate user ask him to enable them for legitimate usage….

Read More Read More