Thursday, June 13, 2013

How To Upload A Shell In Web Applications

3:17 PM Unknown

Most of the people will exploit servers with file upload vulnerability , as it is very simple to find out this exploit by an simple dork

    inurl:upload.php or  inurl:upload.html

Now you have upload a shell file in the upload option. Normally upload option of an web Apps never accepts php files, as most of the shells are php.
In order to upload php shell in web apps follow these steps

Rename the shell abc.php to abc.php.txt and upload that shell and run the /path/xyz.php.txt
Rename the shell as abc.php.xyz which will bypass a simple filter on .php and Apache will still use .php as extension; since this configuration it doesn't have handler for .xyz
Rename the shell as .php3 and upload it to server(web apps).

0 comments:

Post a Comment

 

Subscribe in Bloglines Msn bot last visit powered by MyPagerank.Net Yahoo bot last visit powered by MyPagerank.Net
I heart FeedBurner downtime checker The Ubuntu Counter Project - user number # 31290
 
Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Powered by TadPole
FOG FLAMES