Main » Articles » Web Hacking » Exploits and Vulenrablities

FCKEDITOR: REMOTE FILE UPLOAD EXPLOIT
Dork: intitle:"FCKeditor - Uploaders Tests"


Exploit: http://website.domain/fckeditor/editor/filemanager/connectors/uploadtest.html


By searching this dork you will get many websites, Goto to the above mentioned URL and you will get the FCKeditor there. Change the file uploader to PHP then select your .txt deface and click on send it to the server. If the file is uploaded sucessfully you will get a alert saying "File Uploaded with no errors" .
See you deface here:


http://www.website.domain/userfiles/yourfilehere
http://www.website.domain/path/userfiles/yourfilehere


Note: Some websites even allow to upload .html and .jpg files also.


Category: Exploits and Vulenrablities | Added by: MaX-HaCker (12.07.12)
Views: 1262 | Rating: 4.3/3
Total comments: 0
Only registered users can add comments.
[ Registration | Login ]
Recommend on Google

Designed By [#]./3X3.R()()T
Like Us on Facebook Follow Us on Twitter Subscribe Us on Youtube WWW.GeniusHackers.NET © 2024
Founder and CEO of GeniusHackers [#] /3x3.R()()T
Hosted by uCoz
Hosted by uCoz