I made a backdoor using weevely, but i discovered that the website i want to hack can only upload .jpg,.png,.gif but i tried using tamper data and live http header but they both didn't work for me.
Is there any other way for me to upload the shell backdoor?
Forum Thread:
When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen.
8
Replies
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
2
Replies
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
Metasploit Error:
Handler Failed to Bind
41
Replies
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
Forum Thread:
How to Run and Install Kali Linux on a Chromebook
18
Replies
Forum Thread:
How to Find Admin Panel Page of a Website?
13
Replies
Forum Thread:
can i run kali lenux in windows 10 without reboting my computer
4
Replies
Forum Thread:
How to Hack School Website
11
Replies
Forum Thread:
Make a Phishing Page for Harvesting Credentials Yourself
8
Replies
Forum Thread:
Creating an Completely Undetectable Executable in Under 15 Minutes!
38
Replies
How To:
Dox Anyone
How To:
Crack SSH Private Key Passwords with John the Ripper
How To:
Exploit Remote File Inclusion to Get a Shell
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
How To:
Perform Advanced Man-in-the-Middle Attacks with Xerosploit
How To:
The Essential Skills to Becoming a Master Hacker
How To:
Inject Coinhive Miners into Public Wi-Fi Hotspots
Analyzing the Hacks:
The Girl in the Spider's Web Explained
How To:
Exploit EternalBlue on Windows Server with Metasploit
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
How To:
Make Your Own Bad USB
How To:
Enumerate SMB with Enum4linux & Smbclient
How To:
Brute-Force FTP Credentials & Get Server Access
How To:
Use Kismet to Watch Wi-Fi User Activity Through Walls
Hack Like a Pro:
How to Find Directories in Websites Using DirBuster
How To:
Create Custom Wordlists for Password Cracking Using the Mentalist
How To:
Hack Coin-Operated Laudromat Machines for Free Wash & Dry Cycles
How To:
Exploit Shellshock on a Web Server Using Metasploit
6 Responses
I think you are confused about what you are trying to do. Weevely is a post-exploitation tool. Meaning remote access is already available or you find a vulnerable website that will allow you to inject your backdoor php code into their website.
but what if the website can only allow image format, and .php format can't be uploaded how will i do that using shell, because nothing seems to work for me.
How are you trying to upload your files? Is it though an upload button on the website?
Yes through an uploading file from the website, then made use of live HTTP that didn't work so i tried tamper data but didn't work as well, can you show how to upload the shell.
The type of attack you are trying to do is not what you are thinking it is. Like I said, you must already have exploited the website or have a vulnerability that allows you to upload directly to the web server code. The backdoor is a php code that must be put in the website code. Uploading a file to the server will not work. If it did it would be a Huge vulnerability for most websites.
If you want to hack a website try to learn database hacking. Sql injections.
Ok thank you.
Share Your Thoughts