In this I will show you how to upload a shell ...
Upload php shell using Tamper Data :)
While hacking u must have come along some sites or pages where they ask you to upload shells in just .jpg or some image format and i dont think you must be having any image shell :p . Anyways lets begin. You must have heard of data tampering or Tamper Data? No? Well, i will tell you...
Tamper Data is a firefox addon which is used to view and modify HTTP/HTTPS headers and post parameters.Trace and time http response/requests.Security test web applications by modifying POST parameters.
First of all- download tamper data from here: https://addons.mozilla.org/en-us/firefox/addon/tamper-data/ (remember to use Firefox)-
Install it and restart firefox. (It works with almost all the versions of firefox).-
Rename your .php shell to .jpg shell. e.g. : if the name of your shell is shell.php, make it shel.php.jpg or shell.php;.jpg shell.php;.jpg (To bypass website's security).
- find website to upload images
1- Locate your shell and place it in the upload box.
2-Click on tools in firefox menu and select Tamper Data.
3- Wait...Dont click on upload/save button , instead click on Start Tamper in tamper data addon and remember dont open any extra tabs except the uploading page.
4- Now hit the upload button.
5- After clicking on upload a window will appear, click on Tamper button.
6- Then you will see a tamper popup, copy all of the text of POST_DATA in a notepad. press ctrl+f in notepad and find shell.php.jpg or shell.php;.jpg and delete .jpg :) shell.php
7- Now again copy all the things in notepad and paste it in POST_DATA field and click ok
8- Locate ur pic/shell, What? You are done. your shell will be uploaded in the .php format..
-------------------------------------------------------------------------------------------------------KNOXD3CrypT0r
No comments:
Post a Comment