Thursday, June 13, 2013

How To Upload A Shell In Web Applications

Most of the people will exploit servers with file upload vulnerability , as it is very simple to find out this exploit by an simple dork

    inurl:upload.php or  inurl:upload.html

Now you have upload a shell file in the upload option. Normally upload option of an web Apps never accepts php files, as most of the shells are php.
In order to upload php shell in web apps follow these steps

Rename the shell abc.php to abc.php.txt and upload that shell and run the /path/xyz.php.txt
Rename the shell as which will bypass a simple filter on .php and Apache will still use .php as extension; since this configuration it doesn't have handler for .xyz
Rename the shell as .php3 and upload it to server(web apps).


Post a Comment


Subscribe in Bloglines Msn bot last visit powered by MyPagerank.Net Yahoo bot last visit powered by MyPagerank.Net
I heart FeedBurner downtime checker The Ubuntu Counter Project - user number # 31290

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Powered by TadPole