Hey guyzz this a very short tutorial , actually its a RTE -file upload vulnerbility of Webwiz websites .
Webwiz rich text editor HTML is carried in the open after they are sent char due functioning of the page .
>Google Dorks:these dorks will help you to find vulnerable websites
inurl:rte/my_documents/my_files
inurl:/my_documents/my_files/
:
site.com/rte/RTE_popup_file_atch.asp
site.com/admin/RTE_popup_file_atch.asp
FOR example
Site:-http://www.nftmo.com/RTE_popup_file_atch.aspyou can also upload a shell or directly your deface page shell format:-shell.asp;.jpg
site:
http://www.nftmo.com//my_documents/my_files/Cyb3r_dev.htm
note: use this at your own risk coz many websites are now olrdy infected by backdoors.
thnxx for rding it..:)
No comments:
Post a Comment