Hello There, Guest! Login Register
Logo
Dismiss this notice
MaDLeeTs is not responsible for any attacks that are carried out on networks, websites or servers.
MaDLeeTs staff members cannot be held responsible.
All information on this forum is for educational purposes only.


How To Acess Your Shell In JPG

  • 1 Vote(s) - 1 Average


05-20-2013, 09:40 PM #1
KinG_HaXoR(PHC) Offline $eCur!tY L0veR at P4k!$74N *****
Respected
Posts:515 Threads:81 Joined:Mar 2013 Reputation: 0
Mood: Hacker
Some time a website have want only image extension
and shell is in PHP so how to upload

First open your shell with notepad and then Save As and change the extension to one of these



shell.php;.jpg

shell.php.jpg

shell.php..jpg

shell.php.jpg

shell.php.jpg:;

shell.php.jpg%;

shell.php.jpg;

shell.php.jpg;

shell.php.jpg:;





If
you did not find any option for uploading files, but have place where
you can add news or new event or something you can use meta http-equiv
to make redirection from website to your deface page. Just add this
code in news


<meta http-equiv="refresh" content="0;url=http://link_to_your_defacee_page">



after Getting admin Panel,if you can't upload .php directly upload it with modified extensions as I stated above.





After uploading, find the directoey where your fle uploaded,

example if you uploaded it in images then it will be in http://website/images/shell.php



Sometimes
simple extension hiding will not work so you have to use one addon for
firefox Live HTTP Headers, Get Live firefox HTTP headers Here


https://addons.mozilla.org/en-US/firefox/addon/live-http-headers/

Install
it and then hide shell extension, go to the upload section. Open Live
HTTP Headers and upload shell. Now if you try to go to the link where
you have your shell uploaded it will give you error (only on some
websites) so we will have to change that hided .php.jpg extension into
the .php. So as we uploaded the shell and opened the Live HTTP Headers
you should find where you have uploaded your shell. You will have to
find the line where ti writes that you uploaded the shell. Select it and
then click on button reply.




[Image: image_2317925.original.jpg?1327250684]





After that you have to find once again the same line of code which shows that you have uploaded shell.

So
when you find it select the extension you used to hide original .php.
In my case it is .jpg (List of all these extension is given in this
tutorial at the beginning). When you select it delete it so that we have
only c100.php. And after that once again click on reply.








It
will take you to the shell, and if it does not then you will have to
find manually where shell has been uploaded and go to that link.






Note : This doesn't work for every website but working in mostly websites

KinG_H4XoR
P4K!$74N H4x0r$ CR3W
Hope You Like My TUT's:
How To Acess Your Shell In JPG
550+ Vulnerable Websites
Ddos With Back Track 5 Easily
WAF BYPASS EASY

[email protected]
Www.Fb.Com/I.Love.Pakistan.Champions.Official

07-01-2013, 09:36 PM #2
SilentKiller Offline Member ***
Registered
Posts:79 Threads:9 Joined:Aug 2012 Reputation: 0
Mood: Hacker
Nice for information bro....

.....Alone SilentKiller.....

07-01-2013, 09:44 PM #3
l4m3r Offline Stupid Goverment *****
Moderators
Posts:770 Threads:71 Joined:Apr 2013 Reputation: 2
Mood: Zombie
nice tutorial .. great :exclamation:

+ If you want help, PM me +
[Image: pGKfq5R.png]

07-01-2013, 10:02 PM #4
[email protected]_nax Offline Junior Member **
Registered
Posts:15 Threads:0 Joined:May 2013 Reputation: 0
Mood: Busy
great......

07-01-2013, 10:41 PM #5
madcodE Offline Administrator **********
Junior Administrator
Posts:501 Threads:99 Joined:Oct 2012 Reputation: 8
Mood: Devilish
or just upload this htaccess code

Code:
AddType application/x-httpd-php .jpg

and upload ur shell as shell.jpg
and
access it as yourwebsite.com/shell.jpg wink

it works sometimes but not at all websites

regard's

Name: madcodE haXor
md5: b2eafeb799f022ab22e1af81c0a2bcfa
Email: [email protected]
Facebook: http://facebook.com/haxor.py

I was raised not to be rude, but I also try to get the best work out of people...


[Image: semqRxA.gif]

07-01-2013, 10:47 PM #6
AZ Sn1ff3r (PCP) Offline Mad Lover of Security ******
V.I.P
Posts:461 Threads:46 Joined:Mar 2013 Reputation: 0
Mood: Mad
Nice shara Biggrinsmiley

07-03-2013, 06:46 AM #7
Skull Offline Advance Hacker ***
TeaM MaDLeeTs
Posts:132 Threads:13 Joined:Jun 2013 Reputation: 0
Mood: Mad
v.Nyc plz some sites List for test thIS THANX Tonguesmiley

v.Nyc plz some sites List for test thIS THANX Tonguesmiley

Mirror ( http://dark-h.org/hacker/?s=1&user=PakCyberSkullz )
Pak Leets Biggrinsmiley team MadLeets Biggrinsmiley

07-04-2013, 05:20 AM #8
_-_ L.a.F.a.n.G.a _-_ Offline -_- ComPleX StRuCtuRe -_- ******
V.I.P
Posts:238 Threads:46 Joined:Mar 2013 Reputation: 3
Mood: None

Hackers Make TooLs Not The ToolS Make HAckers (:| :-<


Add Reputation If You Like My Work.

07-04-2013, 05:45 AM #9
sniffer Offline Bug Researchers **********
Junior Administrator
Posts:878 Threads:126 Joined:Sep 2012 Reputation: 12
Mood: Happy
shell.php ----------> shell.php.jpg

shell.php---------->shell.php.png


boom.php;.gif

jabber : [email protected]

07-04-2013, 06:38 AM #10
_-_ L.a.F.a.n.G.a _-_ Offline -_- ComPleX StRuCtuRe -_- ******
V.I.P
Posts:238 Threads:46 Joined:Mar 2013 Reputation: 3
Mood: None
(07-01-2013, 10:41 PM)??dCoDE Wrote:  or just upload this htaccess code

Code:
AddType application/x-httpd-php .jpg

and upload ur shell as shell.jpg
and
access it as yourwebsite.com/shell.jpg wink




it works sometimes but not at all websites

regard's
where to upload that code ? :-??

Hackers Make TooLs Not The ToolS Make HAckers (:| :-<


Add Reputation If You Like My Work.






Forum Jump:


Users browsing this thread:1 Guest(s)