Today i'm going to share how to shell myBB sites after gailing admin privs
What do you need:
- Modified myBB skin xml
- A working shell
- Common Sense
Steps on how to get this working:
- To start out we are going to head on over to the admincp, there is usually a link to it at the top of the page. Once logged in, you will see a tab labled Styles and Templates or something close to that. Now import a new theme (the modified xml linked above).
- Use these settings:
- If all goes well, you should havea green checkmark displayed at the top. Navigate over to templates and select your new template as default.
- Now head over to the board index, at the top you will see at nice little upload shell. Now if you want to be sneeky about this, I suggest not setting the theme as the overall default but just make it the default for your account.
- Ok so we have an up load, now what. Click browse and look for your shell. to the right of the browse button, you will see newfile.php, change this to read ./upload/SHELLNAME.php this is important that you write it this way. Any readable dir will work. I just choose upload for demonstrational purposes.
- Now navigate to where you uploaded the shell (site.com/upload/shell.php)
Post a Comment