shell.php.jpg

Discussion in 'Уязвимости' started by .Light., 27 Dec 2015.

  1. .Light.

    .Light. New Member

    Joined:
    12 Jul 2010
    Messages:
    197
    Likes Received:
    4
    Reputations:
    0
    Ребята помогите,удалось залить шелл на сайт под видом shell.php.jpg,что делать дальше?)
     
  2. grimnir

    grimnir Members of Antichat

    Joined:
    23 Apr 2012
    Messages:
    1,106
    Likes Received:
    797
    Reputations:
    231
    когда его открываешь, он обрабатываеться как картинка или как php?
    Хотя,если говоришь шелл- то дальше в теме монетизация ваших шеллов
     
    _________________________
  3. .Light.

    .Light. New Member

    Joined:
    12 Jul 2010
    Messages:
    197
    Likes Received:
    4
    Reputations:
    0
    Как картинка
     
  4. Chrome~

    Chrome~ Elder - Старейшина

    Joined:
    13 Dec 2008
    Messages:
    939
    Likes Received:
    162
    Reputations:
    27
    Так ты залил картинку а не шелл.
     
    grimnir likes this.
  5. grimnir

    grimnir Members of Antichat

    Joined:
    23 Apr 2012
    Messages:
    1,106
    Likes Received:
    797
    Reputations:
    231
    _________________________
  6. .Light.

    .Light. New Member

    Joined:
    12 Jul 2010
    Messages:
    197
    Likes Received:
    4
    Reputations:
    0
    .htaccess не хочет заливать(
     
  7. grimnir

    grimnir Members of Antichat

    Joined:
    23 Apr 2012
    Messages:
    1,106
    Likes Received:
    797
    Reputations:
    231
    _________________________
  8. masolit

    masolit Member

    Joined:
    1 Dec 2010
    Messages:
    24
    Likes Received:
    20
    Reputations:
    0
    ключевые слова ))) Burp Suite, upload, null byte, hex edit, interception.
     
  9. 5maks5

    5maks5 Elder - Старейшина

    Joined:
    29 Aug 2010
    Messages:
    465
    Likes Received:
    264
    Reputations:
    40
    mime-type
     
  10. .Light.

    .Light. New Member

    Joined:
    12 Jul 2010
    Messages:
    197
    Likes Received:
    4
    Reputations:
    0
    Что можно сделать с этим?

    Warning: include(includes/lang/lang_2'.php) [function.include]: failed to open stream: No such file or directory in /home/www/afea6d68840466bf02fc82e12ce43740/web/categories.php on line 13

    Warning: include(includes/lang/lang_2'.php) [function.include]: failed to open stream: No such file or directory in /home/www/afea6d68840466bf02fc82e12ce43740/web/categories.php on line 13

    Warning: include() [function.include]: Failed opening 'includes/lang/lang_2'.php' for inclusion (include_path='.:/opt/php/lib/php') in /home/www/afea6d68840466bf02fc82e12ce43740/web/categories.php on line 13

    Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/www/afea6d68840466bf02fc82e12ce43740/web/includes/plug.php on line 877

    Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/www/afea6d68840466bf02fc82e12ce43740/web/categories.php on line 304
     
  11. blackbox

    blackbox Elder - Старейшина

    Joined:
    31 Dec 2011
    Messages:
    364
    Likes Received:
    62
    Reputations:
    11
    Зависит от того, на какие переменные можно влиять. Похоже на lfi (если версия php старая, то можно окончание .php обрезать и любые файлы подключать) и на sql injection. Можно попробовать тем же sqlmap'ом разведать. Или вручную.
     
  12. .Light.

    .Light. New Member

    Joined:
    12 Jul 2010
    Messages:
    197
    Likes Received:
    4
    Reputations:
    0
    Как можно залить шелл не имея доступ к админке.А только скулю?
     
  13. kingbeef

    kingbeef Reservists Of Antichat

    Joined:
    8 Apr 2010
    Messages:
    423
    Likes Received:
    165
    Reputations:
    126
    С помощью into outfile
    Нужно знать полный путь.
    MQ=off
    File_priv=Y
     
    _________________________
  14. .Light.

    .Light. New Member

    Joined:
    12 Jul 2010
    Messages:
    197
    Likes Received:
    4
    Reputations:
    0
    А есть софт для этого?
     
  15. kingbeef

    kingbeef Reservists Of Antichat

    Joined:
    8 Apr 2010
    Messages:
    423
    Likes Received:
    165
    Reputations:
    126
    sqlmap
     
    _________________________
  16. .Light.

    .Light. New Member

    Joined:
    12 Jul 2010
    Messages:
    197
    Likes Received:
    4
    Reputations:
    0
    А можешь пример команды показать ?
     
  17. kingbeef

    kingbeef Reservists Of Antichat

    Joined:
    8 Apr 2010
    Messages:
    423
    Likes Received:
    165
    Reputations:
    126
    Я не пользуюсь им, в данном разделе есть закрепленная тема с вопросами про sqlmap .
     
    _________________________
  18. BabaDook

    BabaDook Well-Known Member

    Joined:
    9 May 2015
    Messages:
    1,069
    Likes Received:
    1,565
    Reputations:
    40
    os-shell


    далее тебя спросит какая технология используется выберай 4 ПХП дефолт
    далее тебя спросит путь . жми 2 и вписывай туда путь собственно всё
     
  19. .Light.

    .Light. New Member

    Joined:
    12 Jul 2010
    Messages:
    197
    Likes Received:
    4
    Reputations:
    0
    А в чем разница
    os-shell ?
    sql shell ?
    Есть джаббер?
     
  20. ms13

    ms13 Elder - Старейшина

    Joined:
    19 Jun 2015
    Messages:
    2,965
    Likes Received:
    15,504
    Reputations:
    116
    Так, ты слишком много вопросов задаёшь!
    Ты спросил за софт, тебе ответили, спросил пример команды, тебе ответили, теперь ты вдруг за разницу --os-shell и --sql-shell начал спрашивать...очень интересно! :)
    Ты б лучше нам рассказал, что у тебя получилось!?!
     
    ArmusIAm likes this.
Loading...