Hi guys.
I’ve just finished an initial draft of my review of Kioptrix-2, a vulnerable machine that I hacked. I suggest everyone here to have a look at my blog to find out more about how I did it. MAINLY because I used some of the most common webapplication vulnerabilities out there (SQL- and Command-injection) to gain shell access to the machine.
Injections are the most common (according to the latest OWASP report) vulnerability on modern webapps. If you don’t know what they are or if you are interested in learning how to work with ethical hacking, you can find more information on my blog: https://pentestimonials.wordpress.com
The blogpost covering SQL injection can be found here.
Cheers, guys!