Ah.... I keep trying to upload a picture but it won't let me anyway I guess I will have to try to explain this in the best way possible I am trying to upload a php shell.....I have found the place to do so /fckeditor/editor/filemanager/browser/default/frmupload.html .......but every time I try to upload the shell I get an HTTP verb error is this because of the .php and if so how do I by pass this I have seen somewhere that I can use tamper data and first name the file .txt and than change it back to .php is that what I am suppose to do????
Forum Thread: Http Verb Error When Trying to Upload Php Shell
- Hot
- Active
-
Forum Thread:
Eml to PST Conversion
4
Replies
1 hr ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
9
Replies
2 hrs ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
7
Replies
20 hrs ago -
Forum Thread:
Msfconsole Error After Msfupdate
7
Replies
2 days ago -
Forum Thread:
How to Track Who Is Sms Bombing Me .
2
Replies
3 days ago -
Forum Thread:
How to Hack CCTV Private Cameras
66
Replies
4 days ago -
Forum Thread:
Metasploit Reverse TCP Listener for Public IP Address
2
Replies
5 days ago -
Forum Thread:
How to Get Router PIN?
11
Replies
5 days ago -
Forum Thread:
Metasploit reverse_tcp Handler Problem
41
Replies
6 days ago -
Forum Thread:
Metasploit - Embedding an Android Payload into a PDF?
8
Replies
1 wk ago -
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
174
Replies
1 wk ago -
Forum Thread:
How to Get Proxychains to Work?
14
Replies
2 wks ago -
Forum Thread:
Problem with .Apk Payloads
24
Replies
2 wks ago -
Forum Thread:
Create and Use Android/Meterpreter/reverse_tcp APK with Msfvenom?
118
Replies
2 wks ago -
Forum Thread:
Getting Error in Android Meterpreter Session
8
Replies
2 wks ago -
Forum Thread:
So...You Want to Be a Hacker?
23
Replies
2 wks ago -
Forum Thread:
Hacking Facebook,Twitter,Instagram Account Passwords with BruteForce
162
Replies
2 wks ago -
Forum Thread:
Deauth-Ing a Dual Band AP
1
Replies
3 wks ago -
Forum Thread:
PROBLEM After Installing KALI LINUX on MY LAPTOP WHICH Has NOW AFFECTED MY WINDOWS 7 OS (I Wanted to Dual Boot Kali Woth
4
Replies
3 wks ago -
Forum Thread:
How to Find Someones Location by Image
3
Replies
3 wks ago
-
How To:
Hack Android Using Kali (Remotely)
-
How To:
Perform Advanced Man-in-the-Middle Attacks with Xerosploit
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To:
Phish for Social Media & Other Account Passwords with BlackEye
-
How To:
Create a Persistent Back Door in Android Using Kali Linux:
-
How To:
Brute-Force Nearly Any Website Login with Hatch
-
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
-
How To:
Exploit EternalBlue on Windows Server with Metasploit
-
How To:
Hunt Down Social Media Accounts by Usernames with Sherlock
-
Hacking Windows 10:
How to Dump NTLM Hashes & Crack Windows Passwords
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
How To:
Run Kali Linux as a Windows Subsystem
-
How to Hack Wi-Fi:
Stealing Wi-Fi Passwords with an Evil Twin Attack
-
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
How To:
Scan Websites for Interesting Directories & Files with Gobuster
-
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
-
How To:
Upgrade a Normal Command Shell to a Metasploit Meterpreter
3 Responses
also I use dotdotpwn to scan the site now when it says that a certain parameter is vulnerable what does it mean vulnerable to what cause when I try to look them up the website doesn't change its still the same
give you advice about bypass and I don't known if you have right and permission it is not really good idea.You can bypass it and these is couple techniques.It really depends on system security.And about dotdotpwn i never use it but many tool have false positive attack thaats why is good to test it manually
You could try using Burp Suite, it's proxy interceptor allows you to manipulate HTTP traffic from your browser. You can use it to bypass upload restrictions in some cases.
-Defalt
Share Your Thoughts