.

help needed in retrieving the uploaded shell

<<

manoj9372

Jr. Member
Jr. Member

Posts: 72

Joined: Mon Oct 05, 2009 8:54 am

Post Fri Aug 26, 2011 2:10 am

help needed in retrieving the uploaded shell

hi guys,
I have been learning some basic web-application exploitation these days,
today i have been trying the basic exploitation

i.e exploiting arbitrary file uploads

i have been practicing this on my friends
jsp web-site running  with Apache-Coyote/1.1...,

i had successfully uploaded the shell  with a file name like this
  Code:
commander.jsp.%%.jpeg


but while i tried to retrieve the shell after uploading i am getting error like this

  Code:
The image "http://target.com/state/userregistrationimages/previewtemp/photo-1314340617178.jpg" can not be displayed,because it contains errors


Also the web-server supports the following http methods "GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS"

when i check with some tools ...

I would like to retrieve my uploaded shell,

is it possible to do that ?

Any suggestions/advice please?
Last edited by manoj9372 on Fri Aug 26, 2011 3:28 am, edited 1 time in total.
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Wed Aug 31, 2011 8:10 am

Re: help needed in retrieving the uploaded shell

If the application is renaming what you upload to <random number>.jpg, the web server isn't going to execute that as a .jsp file.

Also, Metasploit has a module for working with those unsafe HTTP methods: http://www.metasploit.com/modules/auxil ... p/writable
The day you stop learning is the day you start becoming obsolete.
<<

manoj9372

Jr. Member
Jr. Member

Posts: 72

Joined: Mon Oct 05, 2009 8:54 am

Post Sat Sep 03, 2011 5:24 am

Re: help needed in retrieving the uploaded shell

  Code:
If the application is renaming what you upload to <random number>.jpg, the web server isn't going to execute that as a .jsp file.

Also, Metasploit has a module for working with those unsafe HTTP methods: http://www.metasploit.com/modules/auxiliary/scanner/http/writable


Thanks "dynamik" i got your point,so even if we upload the file like evil.jsp.%%.jpg,it wont get executed as jsp file,so there is no point of bypassing the filters it seems.

Return to Web Applications

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software