Ready to Start Your Career?

By: baphomet1488
March 9, 2017
Using CMS Upload and Tamper Data to Obtain Administrative Access to a Webserver

By: baphomet1488
March 9, 2017

- You will rename your shell as follows: shell.php.jpeg.
- Open the tamper data plugin.
- Browse to the CMS section that will allow you to upload a photo.
- Set the page to upload shell.jpeg.php but DO NOT submit the request to upload yet!
- On the tamper data plugin, click Start Tamper.
- On the CMS form submit the request to upload shell.php.jpeg
- You will then get a series of popups from the Tamper data plugin. Click "Tamper" with continue tampering checked on the popup window.
- You will be looking for a window to pop up that has the actual GET request and the POST request for uploading shell.php.jpeg
- In the POST request, you will need to edit the file name of shell.php.jpeg to shell.php. The file WILL NOT execute unless it is using the .php file extension!
- After the shell is uploaded, Navigate to the shells location in your browser, this will vary from CMS to CMS.Enjoy Administrative privileges!