fadirano's Avatar, Join Date: Apr 2012
Newbie Member
Great article, but what of website that does not have where to upload your shell?? is there any other way you can work on such website.
waiting for reply.
supupoff's Avatar, Join Date: Aug 2012
Newbie Member
noce article thanks very usefull
dutchmandonpedro's Avatar, Join Date: May 2012
Newbie Member
This is really a nice article, very strait forward and understanding. How will someone upload the shell into website that doesn't have anywhere to upload file. And what is the countermesure an admin go use so attackers will not gain access the the web servers when shell php code is injected or will not be able to work on the server.
P455w0rd_Cr4kz's Avatar, Join Date: Jan 2007
Ambitious contributor
Quote:
Originally Posted by dutchmandonpedro View Post
This is really a nice article, very strait forward and understanding. How will someone upload the shell into website that doesn't have anywhere to upload file. And what is the countermesure an admin go use so attackers will not gain access the the web servers when shell php code is injected or will not be able to work on the server.

If you're lucky you coud find a text/pict editor to post,that will allow you to upload a jpg,not a php shell. However..you can rename your php shell to somethink like shell.php;jpg. There are many other ways i cant remember right now