By: baphomet1488
March 9, 2017
Using CMS Upload and Tamper Data to Obtain Administrative Access to a Webserver

- You will rename your shell as follows: shell.php.jpeg.
- Open the Tamper Data plugin.
- Browse to the CMS section that will allow you to upload a photo.
- Set the page to upload shell.php.jpeg but DO NOT submit the request to upload yet!
- In the Tamper Data plugin, click Start Tamper.
- On the CMS form, submit the request to upload shell.php.jpeg.
- You will then get a series of popups from the Tamper Data plugin. Click "Tamper" with "Continue Tampering" checked in the popup window.
- You will be looking for a window to pop up that has the actual GET request and the POST request for uploading shell.php.jpeg.
- In the POST request, you will need to edit the file name of shell.php.jpeg to shell.php. The file WILL NOT execute unless it is using the .php file extension!
- After the shell is uploaded, navigate to the shell's location in your browser; this will vary from CMS to CMS. Enjoy administrative privileges!
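
The file name edit in the POST request only works when the server trusts the name the client submits. As an added example (not part of the original post or of any CMS's own code), here is a PHP upload handler that ignores the submitted name, derives the extension from the file's content, and stores the file under a server-generated name; the function names, signature allowlist and storage directory are assumptions.

```php
<?php
// Added example, not from the original post. Function names, the signature
// allowlist and the storage directory are assumptions for illustration.

// Leading signature bytes of allowed image types => extension the server assigns.
const IMAGE_SIGNATURES = [
    "\xFF\xD8\xFF"      => 'jpg',
    "\x89PNG\r\n\x1A\n" => 'png',
    'GIF87a'            => 'gif',
    'GIF89a'            => 'gif',
];

// Choose the stored extension from file content only. The file name in the
// POST request is never consulted, so editing it in transit changes nothing.
function extension_from_content(string $path): ?string
{
    $head = (string) file_get_contents($path, false, null, 0, 8);
    foreach (IMAGE_SIGNATURES as $magic => $ext) {
        if (strncmp($head, $magic, strlen($magic)) === 0) {
            return $ext;
        }
    }
    return null; // no allowed image signature
}

// Store an upload under a random, server-generated name.
// Returns the stored name, or null when the upload is rejected.
function store_image_upload(array $file, string $destDir): ?string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'] ?? '')) {
        return null;
    }
    $ext = extension_from_content($file['tmp_name']);
    if ($ext === null) {
        return null;
    }
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    return move_uploaded_file($file['tmp_name'], "$destDir/$name") ? $name : null;
}

// Constructed samples: PHP source (as in shell.php.jpeg) and a GIF header.
$tmp = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($tmp, '<?php echo "constructed sample";');
var_dump(extension_from_content($tmp));
file_put_contents($tmp, 'GIF89a' . str_repeat("\x00", 16));
var_dump(extension_from_content($tmp));
unlink($tmp);
```

The signature check only selects the extension; what prevents execution is that the stored name never carries an extension supplied by the client. Keeping the upload directory outside the web root, or configured so the server does not execute scripts from it, covers the case where a check is missed.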