TUTORIAL 1. searching the target with a dork "Powered By osCommerce" or "Powered By OpenCart" in google, Bing, or whatever 2. specify the target. 3. After finding the target add the code Below: "Admin / view / javascript / FCKeditor / editor / filemanager / connectors / test.html" behind the url / target (without the quotes) Exs: http://www.springfieldxd.info/buy/index.php?route=product/product&product_id=57 Become were: http://www.springfieldxd.info/buy/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html 4. After that you'll find files to upload, 5. For the connector, Replace Asp into PHP files:) 6. Well now live upload the files you ...!!! Example: upload sitelamu.html And the result is http://www.target.com/file-kamu.html Examples of targets that vuln: http://utahflowers.net/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html and the result: http://utahflowers.net/r00t.html
If you are lucky, you can also do additions Shell Into TargetFor the Dork, Use your imagination in the memperluar dork. "Powered By osCommerce" or "Powered By OpenCart" Vulnerability
0 comments:
Post a Comment