This video is to demonstrate how a hacker can hack a shared server using a Symlink Bypass.
The attacking can read configuration on other users who are hosting on the same server as the compromised website.
- First the attack needs to find a vulnerable website so he can get shell to the server to upload the symlinks bypass tool.
- From there the attack has to locate the other users on the same server and then try to figure out where or if there is a configuration ex: wp-config.php
- It will then open the config.php and save the inside of the config.php as a txt file.
- From there the attacker would be able to access the victims SQL data base and change the information.
Files for this video can be found on www.zarabyte.com
Please be sure to check out the forum if you need help.
- Backtrack 5 RC2
- Symlink Bypass user by zarabyte
- MySQL Interface Shell
- GNY Shell
- ZaraByte File Uploader