.htaccess to allow extension
Add Type application/x-httpd-php .evil
Check the upload location.
Upload the .htaccess.
Hit Ctr + h key to show dot extension for file upload.
Then you can upload the file.
Or, use a BURP to change the name and add the content to the request.
Upload shell.evil (php file, etc.)
Rename the file to whatever you have defined in .htaccess and upload the file.
Last updated