.gif)
Many times you get login of a website, but you are unable to upload your PHP shell !
Today i'll show you how to upload your PHP shell through Tamper Data an Firefox Add-on
Install Tamper Data firefox add-on:
Download Tamper Data here
Now Install it and Restart Firefox
Rename shell:
Note: You have to rename you .php shell to .jpg to bypass the website's security
To upload a shell, of-course you needed a upload option in login page or anywhere !
Demo:
As an example i'll take - http://freead1.net/post-free-ad-to-USA-42
It is a free classified ads posting website, so i got a upload option there !
Find your upload option click on browse, locate you .jpg shell and select it !
Now click on Tools in Firefox Menu bar and Select Tamper Data, Tamper Data plugin will open in a new window !
Before Clicking on Upload button click on "Start Tamper" in Tamper Data window..
Note: Before Clicking on "Start Tamper" close every extra tab you have opened.. If you want this tutorial to be open... Just open it in another browser
Now click on upload button !
After clicking on upload button "Tamper with request?" window will appear !
Click on "Tamper" button
After a click on "Tamper" you will see "Tamper Popup"
In Tamper Popup Window, Copy "POST_DATA" text in Notepad
After Copying it to Notepad... "Find yourshell.jpg" and rename it to .php.
Now copy Notepad's text back to "POST_DATA" field..and click OK
It will Upload the shell as .php and you can execute it easily !
Find your .php shell & do whatever you wanted with that website
that's all !
Note: Website Taken as example is patched by the webmaster !
Today i'll show you how to upload your PHP shell through Tamper Data an Firefox Add-on
Install Tamper Data firefox add-on:
Download Tamper Data here
Now Install it and Restart Firefox
Rename shell:
Note: You have to rename you .php shell to .jpg to bypass the website's security
To upload a shell, of-course you needed a upload option in login page or anywhere !
Demo:
As an example i'll take - http://freead1.net/post-free-ad-to-USA-42
It is a free classified ads posting website, so i got a upload option there !
Find your upload option click on browse, locate you .jpg shell and select it !
Now click on Tools in Firefox Menu bar and Select Tamper Data, Tamper Data plugin will open in a new window !
Before Clicking on Upload button click on "Start Tamper" in Tamper Data window..
Note: Before Clicking on "Start Tamper" close every extra tab you have opened.. If you want this tutorial to be open... Just open it in another browser
Now click on upload button !
After clicking on upload button "Tamper with request?" window will appear !
Click on "Tamper" button
After a click on "Tamper" you will see "Tamper Popup"
In Tamper Popup Window, Copy "POST_DATA" text in Notepad
After Copying it to Notepad... "Find yourshell.jpg" and rename it to .php.
It will Upload the shell as .php and you can execute it easily !
Find your .php shell & do whatever you wanted with that website
that's all !
Note: Website Taken as example is patched by the webmaster !
3 comments:
:) :)
very usefullll......
ThX 4 this tutorial...... :)
Hello, we provide you with variety of webshells which are asp, aspx and php web backdoors, such as b374k, c99, r57, pouya, wso etc. https://webshell.co
Post a Comment