0

I have uploaded a php shell using a file upload vulnerability. But when I hit the .php url after uploading it. It gets downloaded rather than executed. Why is that. And how can I execute my shell code?

This is the URL that it gets uploaded into: upload_dir/company/logo/8a2d9fee905e3ddb01906fb978c3268a/17198768259.jsp I have also tried with upload_dir/company/logo/8a2d9fee905e3ddb01906fb978c3268a/17198768259.js. But both of them just downloads my shellcode. Rather than executing it. What is the fix of it?

Also most of the files in the website comes with .js extension.

enter image description here

Improve this question
7
  • Do you understand that Java, JavaScript and PHP are all entirely different languages with different execution environments? Commented Jul 2, 2024 at 0:11
  • I have tried with jsp, php shells. wappalyzer shows the server run java and php. I have updated question with an image Commented Jul 2, 2024 at 0:13
  • 1
    As pointed out in your previous question, you cannot just add a file with a random extension to a random folder and expect the server to magically execute it with the correct interpreter. The server has a specific configuration which forwards specific paths to specific language interpreters. For example, if the server allows PHP script execution in the upload directory, and it selects the PHP interpreter based on a .php extension, then a script with that extension will be executed as PHP code. Otherwise, it won’t, no matter how many different extensions you try. Commented Jul 2, 2024 at 0:23
  • Is there a way to detect as a pentester, without uploading each file extensions. What folders are configured to run what files? Otherwise, the whole effort for an upload bypass vulnerability fails... Commented Jul 2, 2024 at 2:29
  • 2
    Trying different extensions is pointless, because as I’ve already tried to explain, PHP, Java and JavaScript are completely different languages. The first step is to learn how web servers execute code – I’m not talking about attacks, just basic concepts like the FastCGI protocol (which is relevant for PHP) and Jakarta Servlets (which are relevant for Java web applications). You need to understand that there are different execution environment for different programming languages. Commented Jul 2, 2024 at 3:10

0

Reset to default

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.