Fileupload Gunner Project May 2026

python gunner.py --url "http://targetsite.com/upload.php" --file "shell.php" --proxy "http://127.0.0.1:8080"

Arguments:

Never trust Content-Type headers. The Gunner will send image/jpeg but with PHP content. Instead, use file --mime-type (Unix) or a library like filetype to read the magic bytes of the actual file stream.

Example: Python + FastAPI chunked upload handler fileupload gunner project

from fastapi import FastAPI, UploadFile, HTTPException
import os
app = FastAPI()
UPLOAD_DIR = "uploads"
os.makedirs(UPLOAD_DIR, exist_ok=True) python gunner
@app.post("/upload")
async def upload_chunk(file: UploadFile, chunk_index: int, total_chunks: int, filename: str):
temp_path = os.path.join(UPLOAD_DIR, f"filename.part")
with open(temp_path, "ab") as buffer:
content = await file.read()
buffer.write(content)
# If last chunk, rename to final file
if chunk_index == total_chunks - 1:
    final_path = os.path.join(UPLOAD_DIR, filename)
    os.rename(temp_path, final_path)
    return "status": "complete", "path": final_path
return "status": "receiving", "chunk": chunk_index