MaDLeeTs • Cyber Security & Professional Webmasters Forum
How To Acess Your Shell In JPG - Printable Version

+- MaDLeeTs • Cyber Security & Professional Webmasters Forum (http://www.madleets.com)
+-- Forum: Windows (http://www.madleets.com/Forum-Windows)
+--- Forum: Tips & Tricks (http://www.madleets.com/Forum-Tips-Tricks)
+--- Thread: How To Acess Your Shell In JPG (/Thread-How-To-Acess-Your-Shell-In-JPG)

Pages: 1 2


How To Acess Your Shell In JPG - KinG_HaXoR(PHC) - 05-20-2013

Some time a website have want only image extension
and shell is in PHP so how to upload

First open your shell with notepad and then Save As and change the extension to one of these



shell.php;.jpg

shell.php.jpg

shell.php..jpg

shell.php.jpg

shell.php.jpg:;

shell.php.jpg%;

shell.php.jpg;

shell.php.jpg;

shell.php.jpg:;





If
you did not find any option for uploading files, but have place where
you can add news or new event or something you can use meta http-equiv
to make redirection from website to your deface page. Just add this
code in news


<meta http-equiv="refresh" content="0;url=http://link_to_your_defacee_page">



after Getting admin Panel,if you can't upload .php directly upload it with modified extensions as I stated above.





After uploading, find the directoey where your fle uploaded,

example if you uploaded it in images then it will be in http://website/images/shell.php



Sometimes
simple extension hiding will not work so you have to use one addon for
firefox Live HTTP Headers, Get Live firefox HTTP headers Here


https://addons.mozilla.org/en-US/firefox/addon/live-http-headers/

Install
it and then hide shell extension, go to the upload section. Open Live
HTTP Headers and upload shell. Now if you try to go to the link where
you have your shell uploaded it will give you error (only on some
websites) so we will have to change that hided .php.jpg extension into
the .php. So as we uploaded the shell and opened the Live HTTP Headers
you should find where you have uploaded your shell. You will have to
find the line where ti writes that you uploaded the shell. Select it and
then click on button reply.




[Image: image_2317925.original.jpg?1327250684]





After that you have to find once again the same line of code which shows that you have uploaded shell.

So
when you find it select the extension you used to hide original .php.
In my case it is .jpg (List of all these extension is given in this
tutorial at the beginning). When you select it delete it so that we have
only c100.php. And after that once again click on reply.








It
will take you to the shell, and if it does not then you will have to
find manually where shell has been uploaded and go to that link.






Note : This doesn't work for every website but working in mostly websites


RE: How To Acess Your Shell In JPG - SilentKiller - 07-01-2013

Nice for information bro....


RE: How To Acess Your Shell In JPG - l4m3r - 07-01-2013

nice tutorial .. great :exclamation:


RE: How To Acess Your Shell In JPG - [email protected]_nax - 07-01-2013

great......


RE: How To Acess Your Shell In JPG - madcodE - 07-01-2013

or just upload this htaccess code

Code:
AddType application/x-httpd-php .jpg

and upload ur shell as shell.jpg
and
access it as yourwebsite.com/shell.jpg wink

it works sometimes but not at all websites

regard's


RE: How To Acess Your Shell In JPG - AZ Sn1ff3r (PCP) - 07-01-2013

Nice shara Biggrinsmiley


RE: How To Acess Your Shell In JPG - Skull - 07-03-2013

v.Nyc plz some sites List for test thIS THANX Tonguesmiley

v.Nyc plz some sites List for test thIS THANX Tonguesmiley


RE: How To Acess Your Shell In JPG - _-_ L.a.F.a.n.G.a _-_ - 07-04-2013




RE: How To Acess Your Shell In JPG - sniffer - 07-04-2013

shell.php ----------> shell.php.jpg

shell.php---------->shell.php.png


boom.php;.gif


RE: How To Acess Your Shell In JPG - _-_ L.a.F.a.n.G.a _-_ - 07-04-2013

(07-01-2013, 10:41 PM)??dCoDE Wrote:  or just upload this htaccess code

Code:
AddType application/x-httpd-php .jpg

and upload ur shell as shell.jpg
and
access it as yourwebsite.com/shell.jpg wink




it works sometimes but not at all websites

regard's
where to upload that code ? :-??