Me and a friend of mine set up a small website for the purpose of learning SQL Injection and RFI and LFI (But so far we're at SQL Injection)
I decided to try the Fasttrack Query String Parameter Attack. I filled in the URL with the
'INJECTHERE and Fasttrack starts working. All 4/4 parts of the payload is transferred to our site and Fasttrack says I should have shell if everything went OK but I don't get one. First I thought there was an issue with port forwarding (I run BT4 in VMWare Workstation incase you wonder) So I plugged myself directly into the modem but I'm still not getting a shell. Has anyone else experienced this or does anyone have an educated guess about why I'm not getting a shell?
Thanks in advance