Upload_bypass,File upload restrictions bypass, by using different bug bounty techniques!
POC video:
pip3 install -r requirements.txt
Usage: upload_bypass.py [options]
Options: -h, –help
show this help message and exit
-u URL, –url=URL
Supply the login page, for example: -u http://192.168.98.200/login.php'
-s , –success
Success message when upload an image, example: -s 'Image uploaded successfully.'
-e , –extension
Provide server backend extension, for example: --extension php (Supported extensions: php,asp,jsp,perl,coldfusion)
-a , –allowed
Provide allowed extensions to be uploaded, for example: jpeg,png
-H , –header
(Optional) - for example: '"X-Forwarded-For":"10.10.10.10"' - Use double quotes around the data and wrapp it all with single quotes. Use comma to separate multi headers.
-l , –location
(Optional) - Supply a remote path where the webshell suppose to be. For exmaple: /uploads/
-S, –ssl
(Optional) - No checks for TLS or SSL
-p, –proxy
(Optional) - Channel the requests through proxy
-c, –continue
(Optional) - If set, the brute force will continue even if one or more methods found!
-v, –verbose
(Optional) - Printing the http response in terminal
-U , –username
(Optional) - Username for authentication. For exmaple: --username admin
-P , –password
(Optional) - - Password for authentication. For exmaple: --password 12345Introduction Variables are one of the most important basics of Bash scripting. A variable is…
Introduction Running a Bash script in Linux is a basic but important skill for anyone…
Introduction Writing your first Bash script in Linux is one of the best ways to…
Docker has become one of the most important tools in modern software development. If you…
The APT Command Linux users rely on is one of the most powerful tools for…
Ubuntu users usually install software through .deb packages or the APT package manager. However, some…