How Websites Get Hacked With FileUpload Vulnerability?
However there is a problem, The PHP files can still be uploaded by various methods. The most common method is by renaming the PHP backdoor to the following and then uploading the shell.
However there is also a method to block the upload of the above files. But there is also another way to bypass it even if the uploading of the files name with the above extension is blocked. We will use tamper data for this purpose.
Install http live headers firefox extention, then go to the upload section. Open Live HTTP Headers and upload shell. Now if you try to go to the link where you have your shell uploaded it will give you error (only on some websites) so we will have to change that hidden .php.jpg extension into the .php.
So as we uploaded the shell and opened the Live HTTP Headers you should find where you have uploaded your shell. You will have to find the line where ti writes that you uploaded the shell. Select it and then click on button reply.
Step 2 -
After uploading, find the directory where your fle uploaded, example if you uploaded it in images then it will be in http://website/images/shell.php. The rest of the steps are self explanatory.
How To Protect Your Website from the FileUpload Vulnerability?
That's a separate topic and will be explained in a separate post. However for now I would recommend you to install a third party fileuploading service, Where the file get's uploaded the fileuploading service's server not yours.
About the author :
Minhal Mehdi is a Tech Blogger and Ethical Hacker, He runs a blog http://www.devilscafe.in. where he writes about Exploits and vulnerabllies