[METHOD] Shell Uploading Tutorial

Discussion in 'Tips and Tutorials' started by newblackhat, Aug 9, 2015.

    1. Bypass Upload Filter

    When trying to upload your shell, if you get the error message "Only .jpg files are allowed" or the file gets renamed to a .jpg extension, it is caused by an upload filter. We can bypass this by renaming the shell as follows:
    Note: change .jpg to whatever extension the server is allowing.



    Code:
    shell.jpg.php
    shell.jpg.PhP
    shell.php;.jpg
    shell.php%00.jpg
    shell.php.xxxjpg
    shell.php3
    shell.php4
    shell.php5
    shell.phtml

    If it's not allowing the above extensions, you can try renaming it in the header: install the Firefox add-on Live HTTP Headers and rename it in the header.

    Also, some dumb admins maintain a blacklist only for PHP files, like:


    PHP Code:
    $disallowed = array(".php",".phtml",".php3",".php4",".php5");

    So try uploading a .htaccess; you can find self-contained .htaccess shells here: https://github.com/wireghoul/htshells

    2. Bypassing WAF/Mime Type

    1. Don't use names such as c99.php, r57.php or wso.php; use a random name. These names are blacklisted in some WAFs.
    2. Obfuscate your code
    3. Pretend to be an image:
    • Add "GIF89A" before your script. Depending on what kind of file validation they are using, this may fool the server into thinking it's an image: when it reads the file it finds the GIF header and assumes it's safe since it's an image.
    • Another way you can fool the web server into thinking you're uploading an image instead of a PHP shell is to get Firefox and install the "tamperdata" add-on, then click start tamper and upload your PHP shell, then tamper the data and change the Content-Type from 'application/octet-stream' to 'image/jpeg'.


    3. Don't Have Upload Option

    When there is no upload button, it's not easy to upload a shell. All we can do is try to find whether there is an edit option for an existing page. If there is, open it, remove the existing content, paste your shell source, save it, and now that link will be your shell.

    Share your ideas
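
Every filename and Content-Type trick listed in the post works only against handlers that trust the client's filename, the client's Content-Type, or a blacklist like the `$disallowed` array. As an added example (not part of the original post), this is the server-side counterpart: an allowlist check that discards the client's name. The helper name `safe_upload_name` and the sample inputs are constructed for illustration.

```php
<?php
// Added example; safe_upload_name() is a hypothetical helper, not from the post.
// Allowlist: the only accepted extensions, each tied to its leading magic bytes.
const ALLOWED = [
    'jpg' => "\xFF\xD8\xFF",
    'png' => "\x89PNG\r\n\x1A\n",
    'gif' => "GIF8",
];

// Returns a server-generated storage name, or null when the upload is rejected.
// The client-supplied Content-Type is deliberately not an input: the client controls it.
function safe_upload_name(string $clientName, string $bytes): ?string
{
    // Control characters (including NUL), path separators, ';' and '%' are refused.
    if (preg_match('/[\x00-\x1F\/\\\\;%]/', $clientName)) {
        return null;
    }
    // Require exactly "name.ext", compared case-insensitively. This is strict
    // (it also refuses "holiday.2015.jpg"), which is acceptable because the
    // client's name is thrown away below.
    $parts = explode('.', strtolower($clientName));
    if (count($parts) !== 2 || $parts[0] === '') {
        return null;
    }
    $ext = $parts[1] === 'jpeg' ? 'jpg' : $parts[1];
    if (!array_key_exists($ext, ALLOWED)) {
        return null;
    }
    // Content must start with the signature of the claimed type. A matching
    // signature does not prove the file is a clean image; the protection comes
    // from the stored name carrying only an allowlisted extension.
    if (strncmp($bytes, ALLOWED[$ext], strlen(ALLOWED[$ext])) !== 0) {
        return null;
    }
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Constructed sample inputs: filenames from the post plus one ordinary upload.
$gif = "GIF89a" . str_repeat("\x00", 16);
$names = ['shell.jpg.php', 'shell.jpg.PhP', 'shell.php;.jpg', "shell.php\x00.jpg",
          'shell.php.xxxjpg', 'shell.phtml', '.htaccess', 'avatar.gif'];
foreach ($names as $name) {
    $stored = safe_upload_name($name, $gif);
    printf("%-20s => %s\n", addcslashes($name, "\0"), $stored ?? 'rejected');
}
```

Only `avatar.gif` is accepted, and it is stored under a random name. The upload directory should also sit outside the web root or be served with script execution disabled and `AllowOverride None`, so that an uploaded `.htaccess` or a script hidden behind an image header is never interpreted.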
     