Bounty

@sh4nk said:
after resets it gives out 500s…

just close and start a new tab if it gives 500s on previous working uploads

So, I develop a php script with curl for uploading file any time :wink:

Something strange is happening!
I trying many times to upload a file for over two hours…
Always returning the message “File uploaded successfully” but the file not exists!
Earlier this flow were working.
This happens only to me or there is someone else who has this problem?

@thek said:
Something strange is happening!
I trying many times to upload a file for over two hours…
Always returning the message “File uploaded successfully” but the file not exists!
Earlier this flow were working.
This happens only to me or there is someone else who has this problem?

Yeah I’m getting same issues

Tried several ways of obfuscating , tried different payloads from super basic to complex… Not sure if I’m really close or wayyyyy off?

can someone please PM me for a string tip on how to bypass the extension check? got stuck there

@danymogh said:
can someone please PM me for a string tip on how to bypass the extension check? got stuck there

Yeah, its quite annoying - I tried null byte injection but to no avail.

Try few of the non-mainstream extensions for this platform. You might get one of them to work and then work from there.

Any hints on getting past 500 - Internal errors? Using a regular msfvenom a**x payload.

@izzie said:
Any hints on getting past 500 - Internal errors? Using a regular msfvenom a**x payload.

May you have an error.

Made it finally!
If anyone needs any help, dont hesitate to pm me!

@thek said:
Something strange is happening!
I trying many times to upload a file for over two hours…
Always returning the message “File uploaded successfully” but the file not exists!
Earlier this flow were working.
This happens only to me or there is someone else who has this problem?

It happens when it gets poorly overwritten by someone else…just be quick and may the force be with you :bleep_bloop:

@izzie said:
Any hints on getting past 500 - Internal errors? Using a regular msfvenom a**x payload.

same.

I’ve probably pulled out more than 50 hairs out of my beard at this point. I can’t for the life of me work out what I’m supposed to do now, trying not to spoil here but I’ve enumerated the page and found what I need to find and I can put stuff where it needs to go but I have no idea how to get to RCE from there given what I’m guessing is a whitelist.

I’m guessing my knowledge is lacking somewhere but I can’t pinpoint what I need to go learn about in particular… DM or a tip here would be great (without spoiling ofc)

@allahackbar we’re on the same boat

Follow up on that private mode tip: load the page cleanly. Don’t reload or use a “result” version.

ah wtf, I was going about it the right way but thought it wasn’t the right way because of what the server was doing (or not doing)

the problem with 500 errors is that it is the wrong approach. it might be made work but there is another easier way using a different extension if that is not giving the rce by uploading game away. I got a shell and I am researching how to get administrator ATM.

■■■ the RCE part is soo anoying …
It’s been 1 hours, i’ve been able to run 10 commands …

i finally got a semi-working web shell but as others are saying it gets removed within < 30 seconds

@allahackbar said:
i finally got a semi-working web shell but as others are saying it gets removed within < 30 seconds

This is the kind of things that is driving me nut …
I’ve install the same OS on a VM in order to prepare my commands, i have a precise idea of what to do, but i can’t get a f****** stable web shell for more than 30 sec …

And ■■■■ no i can’t afford a VIP pass only for this box :frowning: