Wordpress FCKeditor File Upload Vulnerability - Exploits and Vulenrablities - Web Hacking - Hacking - GeniusHackers.Net
Main » Articles » Web Hacking » Exploits and Vulenrablities

Wordpress FCKeditor File Upload Vulnerability
Hello Readers In this Tutorial I will tell you how to hack web sites with Wordpress Fckeditor File Upload Vulnerability.This Method also Known as Opencart remote file Upload Vulnerability Exploit, Its a old Vulnerability but many peoples don't know this .... So i'm publishing here a tutorial here.

I will show you how to hack a Remote File Upload Vulnerable websites. It is very easy and similar to other hacking attacks. I will show you how to find your target and how to enter into the target website and upload your files. 


Some easy Steps to Performing Attack..... 


* First you find Vulnerable Website by using Google Dork. 

Go to  Google and type these Google Dorks.
  
inurl:admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html  

 or

inurl:Powered By OpenCart


Now you will see lots of websites. Pick Anyone For Example I got this one

  http://www.targetsite.com


Then I'll will simply add the vulnerable URL after the website

Example :
http://www.targetsite.com./admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html 


- Note : The path May be chnaged in other Website , Example site.com/abc/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html


 Now a Page will be open Like This 

Now See The connector option which is on top left side on page, Change The Connector into PHP (See the Image below)



Now We Can Upload Files From Our Computer. Press Browse and select your file and click Upload selected files. 

 We have Uploaded our PHP Shell. Now to navigate to our shell.

www.targetsite.com/deface.html
or
www.targetsite.com/shell.php 

May be some websites patched its my old collection so. You Can Download Website List For Practicing



If you like this post then don’t forget to share it and If you are getting any problem regarding to this feel free to comment :) 
Category: Exploits and Vulenrablities | Added by: max_hacker (12.07.26)
Views: 480 | Rating: 5.0/1
Total comments: 0
Only registered users can add comments.
[ Registration | Login ]
Like us on FacebookFollow us on Twitter
Recommend on Google
Our Media
Our Media

Our Blog
Our Blog

Designed By [#]./3X3.R()()T
Like Us on Facebook Follow Us on Twitter Subscribe Us on Youtube WWW.GeniusHackers.NET © 2016
Founder and CEO of GeniusHackers [#] /3x3.R()()T
Hosted by uCoz
Hosted by uCoz