Upload_bypass,File upload restrictions bypass, by using different bug bounty techniques!
POC video:
pip3 install -r requirements.txt
Usage: upload_bypass.py [options]
Options: -h, –help
show this help message and exit
-u URL, –url=URL
Supply the login page, for example: -u http://192.168.98.200/login.php'
-s , –success
Success message when upload an image, example: -s 'Image uploaded successfully.'
-e , –extension
Provide server backend extension, for example: --extension php (Supported extensions: php,asp,jsp,perl,coldfusion)
-a , –allowed
Provide allowed extensions to be uploaded, for example: jpeg,png
-H , –header
(Optional) - for example: '"X-Forwarded-For":"10.10.10.10"' - Use double quotes around the data and wrapp it all with single quotes. Use comma to separate multi headers.
-l , –location
(Optional) - Supply a remote path where the webshell suppose to be. For exmaple: /uploads/
-S, –ssl
(Optional) - No checks for TLS or SSL
-p, –proxy
(Optional) - Channel the requests through proxy
-c, –continue
(Optional) - If set, the brute force will continue even if one or more methods found!
-v, –verbose
(Optional) - Printing the http response in terminal
-U , –username
(Optional) - Username for authentication. For exmaple: --username admin
-P , –password
(Optional) - - Password for authentication. For exmaple: --password 12345
The cp command, short for "copy," is the main Linux utility for duplicating files and directories. Whether…
Introduction In digital investigations, images often hold more information than meets the eye. With the…
The cat command short for concatenate, It is a fast and versatile tool for viewing and merging…
What is a Port? A port in networking acts like a gateway that directs data…
The ls command is fundamental for anyone working with Linux. It’s used to display the files and…
The pwd (Print Working Directory) command is essential for navigating the Linux filesystem. It instantly shows your…