Remote Code Execution
Found a target using google dorks which having a responsible disclosure program. Let’s consider the target as
abc.com the target website have no functions other than uploading
CV to the company.
Find more Google Dorks here.
The Repository contains various payloads, tools, tips and tricks from various hackers around the world. Please take a…
So I quickly filled out all the necessary details and attached php reverse shell as attachment and uploaded.
Intercepted the request and checked does this function allow to upload php files and it turns yes. They don’t have any validations on file content types and file contents.
So I used ngrok for PORT forwarding to gain reverse shell. I updated the IP address and PORT from ngrok and uploaded the reverse shell successfully.
The website shown the location of the uploaded files in the response, so I quickly directed to the php file location and triggered the reverse shell and the objective is completed.
I Quickly reported the Issue to the respective company and they acknowledged the report, reproduced the issue, and rewarded me $500 for reporting the issue.
Thanks for reading.
Follow me on Twitter : thevillagehacker