upload shell by via data tampering

upload shell  by via data tampering


Hello guys.today we will take about data tampering we use this this mathod when we got admin panal access. after access we are ready to try upload our shell but it doesn't allow it to upload the shell extension .php. we are not ready to attack it in the case we use data tampering to upload our shell and make it  perfectly executable files or computer virus and dynamic link  its depend on plan what we do , by data tampering we can change the file extension by the add on of the firefox called '' data tamper.  

we won't the tools for execut all attack 

1 . firefox 
2 . tamper data add on  firefox
3 . site ( in which you want to upload ) 

we are ready for execut attack 
“.
First step of all install the Data Tamper add on in FireFox. Then login to the site where you want to upload shell.

Go to the place where you can upload the image. In my case it is in the product category>edit product.

Now click on Browse>select your shell location ( Must be in .jpg , ,png , .gif ) like anything.jpg before clicking the upload button open the Data Tamper and click on start tamper then click on upload the image. You will get the pop up click on Tamper.

After that You will get the Post Data in the right column copy that all and paste that in the Note-Pad. now look for the extension of your file name in my case that is ” .gif ” and it is on the last line change that with .php and copy that all and paste that in the Post Data and click on Now copy the location of your shell and you will see that the extension has been changed to php.

Now open your shell and deface the site.

i hope you well enjoy all tutorial ..