2 comments on “Upload shell to hack a website : Part3 – Weevely

  1. ugh so you created a shell backdoor.php, but when you uploaded it you entered ‘backdoor.php.booojpg’ soooooo where did the .booojpg crap come from? And what’s with the light gray on white font color? That makes seeing really helpful

    • @Emily, this howto is about arbitrary file upload. I have created a PHP shell but later renamed it to php.booojpg to bypass the restrictions imposed in web server to prevent arbitrary file uploads.By keeping an extension of jpg, I a trying to fool the web server that it’s an image I am trying to upload.

Leave a Reply

Your email address will not be published. Required fields are marked *