I made a PHP payload in meterpreter (which works) and want to upload it to my wordpress site using the vuln described in exploit-db.
I edited the file header with the hex code provided in the exploit provided as so:
Then I'm using Webscarab to intercept the POST command and edit the content-type to "image/gif". The file im uploading is ofcourse .php file.
The upload is somewhat successful as i don't get the usual error message telling me its the wrong filetype:
However, when checking my directory there are no files being uploaded.
Does anyone know the reason for this? I don't think its the filesize as my payload (php) is 1.28K. Did i miss someting?
Im thinking im missing some size definition of my picture maybe?