File upload vulnerability to Meterpreter

Vulnerability Name: Arbitrary file upload vulnerability in DVWA frame work in “low” section.

System Specification:

Victim – Windows XP SP2 [IP:]

Attacker – Kali Linux 2.0 [IP: PORT: 4444]

Success Criteria: Following two conditions are mandatory for exploiting file upload vulnerability –

  1. Attacker can upload any file (including .php, .asp, .aspx etc)
  2. Attacker can access uploaded file.

Tools used:

  1. Metasploit
  2. Msfvenom

Prerequisite Knowledge:

  1. What is web shell and how it works? [Please google it]
  2. Metasploit listener payload [exploit/multi/handler]


  1. Generate a web shell using msfvenom. msfvenom comes with metasploit framework.


The given command will generate an Raw script that will be named “prasenjitkantipaul.php” and when this php will be triggered it will sent back the connection to the attacker IP (i.e: in 4444 port)

  1. Location of malicious php


  1. Set DVWA security to “LOW” for this exploitation PoC.


  1. File Upload option


  1. File uploaded successfully without checking its file type.


  1. Set listener in attacker’s side to grab the connection what will be sent from victim.


  1. Accessing the file


  1. Let’s see, after trying to access our malicious shell what is happening to our listener.


We successfully compromise victim’s machine using our php web shell.


Leave a Reply

Your email address will not be published. Required fields are marked *

Secured By miniOrange