API tools faq
paste
SaintDruG

Tamper

SaintDruG
Nov 23rd, 2015
157
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.32 KB | None | 0 0
raw download clone embed print report diff
  1. Upload php shell using Tamper Data :)
  2.  
  3. While hacking u must have come along some sites or pages where they ask you to upload shells in just .jpg or some image format and i dont think you must be having any image shell :p . Anyways lets begin. You must have heard of data tampering or Tamper Data? No? Well, i will tell you...
  4.  
  5. Tamper Data is a firefox addon which is used to view and modify HTTP/HTTPS headers and post parameters.
  6. Trace and time http response/requests.
  7. Security test web applications by modifying POST parameters.
  8.  
  9. First of all
  10. - download tamper data from here: https://addons.mozilla.org/en-us/firefox/addon/tamper-data/ (remember to use Firefox)
  11. - Install it and restart firefox. (It works with almost all the versions of firefox).
  12. - Rename your .php shell to .jpg shell. e.g. : if the name of your shell is shell.php, make it shel.php.jpg or shell.php;.jpg shell.php;.jpg%00 (To bypass website's security).
  13. - find website to upload images
  14.  
  15. 1- Locate your shell and place it in the upload box.
  16. http://tinypic.com/view.php?pic=294gupt&s=6
  17. 2- Click on tools in firefox menu and select Tamper Data.
  18. http://tinypic.com/view.php?pic=33p4jt4&s=6
  19. 3- Wait...Dont click on upload/save button , instead click on Start Tamper in tamper data addon and remember dont open any extra tabs except the uploading page.
  20. http://i45.tinypic.com/300ds76.jpg
  21. 4- Now hit the upload button.
  22. 5- After clicking on upload a window will appear, click on Tamper button.
  23. http://tinypic.com/view.php?pic=o7vre9&s=6
  24. 6- Then you will see a tamper popup, copy all of the text of POST_DATA in a notepad. press ctrl+f in notepad and find shell.php.jpg or shell.php;.jpg and delete .jpg :) shell.php
  25. http://tinypic.com/view.php?pic=2u97bbr&s=6
  26. http://tinypic.com/view.php?pic=35mie08&s=6
  27. http://tinypic.com/view.php?pic=sc9oup&s=6
  28. http://tinypic.com/view.php?pic=ehjjfp&s=6
  29. 7- Now again copy all the things in notepad and paste it in POST_DATA field and click ok
  30. http://tinypic.com/view.php?pic=1zv95rs&s=6
  31. http://tinypic.com/view.php?pic=1iig4w&s=6
  32. 8- Locate ur pic/shell, What? You are done. your shell will be uploaded in the .php format...Destr0y the website :)
  33. My fav. php shell :) b374k-2.2.php
  34. https://anonfiles.com/file/b305605c6c0efc387d723a34c33dc5b9
  35.  
  36.  
  37. Hope you Like it :)
  38.  
  39. Please like my page
  40. https://www.facebook.com/Str1.k3r.gov
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!