Maybe you have experienced this before you've uploaded a shell but target PHP = On Disable Function = entre2v2, gzuncompress, symlink, gzinflate, str_rot13, exec, system, passthru, shell_exec, escapeshellarg, escapeshellcmd, proc_close, proc_open, ini_alter, dl, popen, show_source .
It means that if so you can't do symlink, mass deface, etc. In accordance with what function is disabled, wow.
Look at the picture above. The Disable Function is red " show_source, system, shell_exec, passthru, exec, popen, proc_open ", well here I will explain how to bypass it so we can do what we want. Okay okay let's get started.
safe_mode = OFF
disable_functions = NONE
Then don't forget to save.
Continue to the next step.
You created the .htaccess file where you made the php.ini file earlier, in essence it is in one dir.
Then fill in the .htaccess file with the following source code,
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
Then you save, and try to upload the file or just execute it.
But if you are lazy to make manual methods like the one above,
here I have prepared the Bypass Disable Function tool. You can copy here .
How to use it is quite easy.
The first thing you download is the tool, then upload it on your target website, it's up to you to upload it on which dir.
After that, all you have to do is click on the section that says " Please Click Here First " then wait until the process is complete then try to refresh the page
If successful, the writing in the Desible Function section will be none. After that it's up to you to disymlink kek or what it depends on you.
That's all from me, hopefully it's useful.
0 Comments:
Post a Comment