Skip to content

whiplashcd/RevShell

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
revshell.py
revshell.py
 
 

Repository files navigation

RevShell

TryHackMe ! Vulnversity

Purpose

This Automates testing which file extensions a web upload endpoint accepts. It repeatedly renames a base file (revshell) to different PHP-related extensions and sends each file to the target upload endpoint. The script prints whether the server response suggests that a particular extension is allowed or rejected.

Quick Summary Of Behavior

  1. The script builds a target URL using the target machine IP and a fixed port/path.
  2. It iterates a list of candidate file extensions (PHP variants).
  3. For each extension it renames the local file to that extension, uploads it with an HTTP POST (multipart/form-data), and checks the server response for the string "Extension not allowed".
  4. It prints whether each extension appears to be allowed or not.

You can Fork This Whatever you want Or modify the code

Note

This script is intended for authorized security testing and learning environments (for example, TryHackMe labs). Do not use this against systems you do not have permission to test. Always follow the rules of engagement and local laws.

About

TryHackMe ! Vulnversity

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages