Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
83 views2 pages

Module 9 Insecure Deserialization Lab: Description: Requirements: Step 1: Step 2

This document provides instructions for a lab on exploiting insecure deserialization. It outlines 17 steps to access a vulnerable deserialization page, modify the URL to change code execution, and ultimately execute system commands. The questions ask the user to confirm changes in page output from modifying the URL, including displaying PHP info and the system ID. The goal is to demonstrate how insecure deserialization can allow arbitrary code execution on the target system.

Uploaded by

Taha Khan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
83 views2 pages

Module 9 Insecure Deserialization Lab: Description: Requirements: Step 1: Step 2

This document provides instructions for a lab on exploiting insecure deserialization. It outlines 17 steps to access a vulnerable deserialization page, modify the URL to change code execution, and ultimately execute system commands. The questions ask the user to confirm changes in page output from modifying the URL, including displaying PHP info and the system ID. The goal is to demonstrate how insecure deserialization can allow arbitrary code execution on the target system.

Uploaded by

Taha Khan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

 

 
 

 
Module 9 Insecure Deserialization Lab

Description:​ In this lab, you will identify and exploit an example of insecure deserialization.
Requirements:​ You will need access to the Cybrary lab environment for this lab.

Step 1:​ Log into Cybrary


Step 2:​ Launch the ​OWASP Insecure Deserialization​ lab by searching for it in the catalog
and selecting the launch button
Note: It may take 30-40 seconds for the lab to launch after clicking the button.
Step 3:​ When the lab opens, you will see a pop-up box. Select the Next button, then Ok to
close the pop-up box.
Step 4:​ You will then be taken to the Kali Linux log in screen.
Step 5: ​Enter a username of ​student ​and a password of ​student ​to log into the desktop.
Step 6:​ Next, launch Firefox by clicking on the orange-colored icon near the top-left of the
screen. This will launch the mutillidae page.
Step 7:​ Next, enter the following in the URL bar and press Enter.
http://mutillidae/deserialize.php
Step 8:​ Click the “Say Hi” link on the page.
Step 9:​ Next, click in the URL bar and use the arrow keys on your keyboard to navigate the
URL until you see a value of ​15 ​and the ​print(“Hello”).
Note: The 15 is the string length and the print statement is the code variable. If we change
both of these, we can arbitrary code as we will see later in this lab.
Step 10:​ Next, change the 15 to a ​12.
Step 11:​ Change the Hello to a ​Hi​.

Question 1:​ Does the text on the Web page change at all? If yes, what does the new text say?
_______________________________________________________________

Step 12:​ Next, click back in the URL bar and use the arrow keys on your keyboard to
navigate the URL until you see a value of 12 and the print(“Hi”).

 
Brought to you by:  Develop your team with the ​fastest growing catalog​ in the 
cybersecurity industry. Enterprise-grade workforce development 
management, advanced training features and detailed skill gap and 
 
competency analytics. 

 
 
 
 

 
Step 13:​ Change the 12 to a ​10
Step 14:​ Change the print(“Hi”) to ​phpinfo()​ and press Enter.

Question 2:​ Do you see an output of PHP code? _________________________

Step 15:​ Next, click back in the URL bar and use the arrow keys on your keyboard to
navigate the URL until you see a value of 10 and the phpinfo().
Step 16:​ Change the 10 to a ​13
Step 17:​ Change the phpinfo() to ​system(“id”)​ and press Enter.

Question 3:​ Do you see the www-data user account listed? ________________

Note: If we replace the id with another system command, we can execute any command on
the target system with this user account.

 
Brought to you by:  Develop your team with the ​fastest growing catalog​ in the 
cybersecurity industry. Enterprise-grade workforce development 
management, advanced training features and detailed skill gap and 
 
competency analytics. 

You might also like