htshells
htshells is a series of web based attacks based around the .htaccess files. Most of the attacks are centered around two attack categories. Remote code/command execution and information disclosure. These attacks are intended for use during penetration tests or security assessments. It was created to get shell in a CMS that restricted uploads based on extension and placed each uploaded file in it's own directory.
USAGE
Pick the attack you wish to perform, copy the file to a new file named .htaccess and upload the file to the web server. Now browse to the uploaded location to execute your attack. For a more indepth example, see the tutorial.
DOCUMENTATION
See the project README file and the frequently asked questions.
DOWNLOAD
You can download the files from the github project page.
USAGE
Pick the attack you wish to perform, copy the file to a new file named .htaccess and upload the file to the web server. Now browse to the uploaded location to execute your attack. For a more indepth example, see the tutorial.
DOCUMENTATION
See the project README file and the frequently asked questions.
DOWNLOAD
You can download the files from the github project page.