Skip to main content

Featured Post

Kali Linux Terminal Customization Tutorial

Today I'll show you guys how to change kali linux terminal header text.
5 comments

[Hacking Tutorial] How To Upload Shells Successfully

Hello all

This post is for people who fail to upload shell onto websites

Try these methods below



Method 1:
we all know that uploading scripts accepts JPG or GIF or both etc..
so its possible some times to bypass it by
renaming the file to
" shell.jpg.php "


Method 2:
Sometimes we can upload PHP file by editing the parameters with tools such as
Tamper Data ( Firefox Addon )
Download Here:
Code:
https://addons.mozilla.org/en-US/fir...n/tamper-data/
Change the

application/octet-stream
to
image/gif
or
image/jpg


Video tuorial:
http://www.youtube.com/watch?v=OB5iQI5SkTw
However, that works on some scripts...


Method 3:
We can also upload shell by adding
to the file name

%_00
shell.jpg%00php

shell.jpg%.php

or

shell.jpg;php (works alot specially on Win box'z )


Method 4:
Another way is by tricking Apache
by adding PHP languages
For Example:
file.php.en
the Apache will read the file.php.en
as a normal php file
cause .en refers to English
another example:
file.php.ar
.ar refers to Arabic and so on....
that helps when we find an uploading center that
denies PHP extinsions and allows any other unknown extionsion.

Well that's pretty much it

Good luck!
Labels:

Comments

Post a Comment

Popular posts from this blog

[Bank Transfer Tutorial] Prepaid Card Cashout

1. You will goto card.com and get a prepaid card with checking acc using the bank logs info to sign up with, only change the billing address to your drop address. It will take 3-5 days for you to receive and activate the card but you can deposit after registration is successfull. And as far as you havent caused any changes on the account, the owner will not be notified. 2. Go to venmo and register an account with the prepaid account details. Verify the venmo acc with the ssn and dob. 3. After a day, add the prepaid account to your venmo acc and verify it. Add the bank log details to the venmo acc and verify it. Two days gone. 4. On the third day, load less than $11,000 in your venmo balance. 5. On the next day, cashout less than $10000 into your prepaid account. the money is yours. 6. The mail containing the card would have reached your drop. Activate it online and cashout immediately. Warning. 1. Prepaid cards take only $10,000 and less. If more than $1000
48 comments
Keep Reading

Get Any Premium Templates Free @ ThemeForest! ( Full Method )

Hi all! Today I'm going to share to you how to get any premium templates  in ThemeForest without downloading any shitty files or viruses. I think you guys enjoy this tutorial ;) . This also includes some screenshots to guide you :D Go to Google Put this query at the search box. intitle:"index.of" themeforest-4260361-journal-advanced-opencart-theme-framework.zip  Replace "4260361" with the number of your desired template. Replace "journal-advanced-opencart-theme-framework" with the name of your desired template. Then hit enter! And you will be seeing direct links of the template you want For example: I want this template. http://themeforest.net/item/ avada-responsive-multipurpose-theme / 2833226 So this would be my query: intitle:"index.of" themeforest- 2833226 - avada-responsive-multipurpose-theme .zip Screenshot A simple thanks or rep is much appreciated Enjoy
2 comments
Keep Reading

Some most important google dorks

Salam all , today i can give you some most important google dorks . whos help you for hacking . lets see blew - Dork for finding shell inurl:.php “cURL: ON MySQL: ON MSSQL: OFF” “Shell” filetype:php intext:”uname -a:” “EDT 2010? intitle:”intitle:r57shell” [ phpinfo ] [ php.ini ] [ cpu ] [ mem ] [ users ] [ tmp ] [ delete ] inurl:”c99.php” & intext:Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout inurl:”c100.php” & intext:Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout intitle:”Shell” inurl:”.php” & intext:Encoder Tools Proc. FTP brute Sec. SQL PHP-code Updat Dork html injection inurl:"id=" & intext:"warning: mysql_fetch-assoc() inurl:"id=" & intext:"warning: mysql_fetch-array() inurl:"id=" & intext:"warning: mysql_num_rows() inurl:"id=" & intext:"warning: session_satrt() inurl:"id=&qu
Post a Comment
Keep Reading