Learn Kali Linux Episode #72: Uploading a Reverse Shell to a Web Server

Hello everybody and welcome to this last tutorial of the course. Today I will show you how you can upload a reverse shell onto a web server. However, there are multiple problems here. First of all, the filtering of extensions. So for example, I have on my desktop it says have a nice day.php, and then I have something here which I've clearly mistyped. Let's type a back slash, excellent! So this is my reverse shell to which I have added th extension jpg. Primarily because, web servers they have filters. And let's just open up our damn vulnerable app, there's this neat upload section, Now somebody might say, well, we're not gonna get that in a real web server or website. My answer to this, yes, you will. Why? Well, pretty much all social websites, and any sort of a website that has client to client interaction, and any sort of website which has tech support, or something of a kind, and which has contact forums, 99% chance that there will be an upload function somewhere on the site. Just have a look around, it's there, almost all the sites have an upload function of some sort or a kind. Okay, try to imagine a dating website. How would a dating website function without an upload function to upload photos of people? Practically impossible. Also, social media websites and so on. Now there are several things which you need to take into consideration. One of them is you need to figure out which version of PHP are they running. To do that, nope not burpsuite, not this one, excellent! To do that you have an nmap scan, and you have --script=http-php- version. And this is going to give you a version of HTTP, and it's gonna try to determine which operating system is running there as well, if I'm not mistaken. But more importantly, it will give you a PHP version of the web server. And then based upon the version of the PHP, you will be able to exercise certain vulnerabilities. So my version, you can find this script on the nmap website. Just type into Google, or whatever search engine you are using, nmap PHP version scan and it will bring you there. I hope that you know how to do that by now. If you want to check which PHP version you are using, you can type in php5 -v, and there you go. So, lets see, PHP 5.4.39.