Thursday, May 26, 2016

WordPress Websites | OpenCart CMS File Upload Vulnerability


This is a very easy technique of ing a WordPress website by uploading a deface page or shell.

Here is the procedure:


1- Open Google.com and enter the dork: inurl:admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html
or inurl:Powered By OpenCart


Google will return a lot of websites; select any one. You will have to search a lot to find good, fresh vulnerable websites. :P

For example, I got this one:
http://www.schoolshopper.com.au/

Then I simply add the vuln URL after the website:
http://www.schoolshopper.com.au/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html

(The path may be different on other websites. Example: site.com/abc/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html)

Now a page will open like this:

Now look at the Connector option at the top left of the page and change the connector to P (see below).
Now find the file upload option and upload your deface or shell:
http://www.schoolshopper.com.au/Cyb3r_dev(1).htm

To check the shell or deface, open this URL:
www.site.com/deface.html
or
www.site.com/shell.p
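
From the site owner's side, the activity described in this post leaves a recognizable trail in the web server access log. The following is an added example, not part of the original post, that scans combined-format log lines for requests under the connectors directory named above; the sample lines, the IP addresses and the `example-handler` name are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Directory named in the post; whatever precedes "fckeditor" varies per site.
CONNECTOR_DIR = "/fckeditor/editor/filemanager/connectors/"
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
                    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})')
BASE = "/admin/view/javascript" + CONNECTOR_DIR

# Constructed sample lines: documentation IPs, hypothetical handler name.
SAMPLE_LOG = f"""\
198.51.100.7 - - [26/May/2016:10:01:02 +0000] "GET {BASE}test.html HTTP/1.1" 200 5120
198.51.100.7 - - [26/May/2016:10:01:40 +0000] "POST {BASE}example-handler HTTP/1.1" 200 310
203.0.113.9 - - [26/May/2016:10:02:11 +0000] "GET /abc{BASE}test%2Ehtml HTTP/1.1" 404 209
192.0.2.44 - - [26/May/2016:10:03:00 +0000] "GET /index.php?route=common/home HTTP/1.1" 200 18432
truncated or malformed line
"""

def classify(method, path, status):
    """Label one request, or return None if it does not touch the connectors."""
    route = unquote(path.split("?", 1)[0]).lower()  # drop query, decode %xx
    if CONNECTOR_DIR not in route:
        return None
    served = status.startswith("2")
    if method == "POST":
        return "upload-accepted" if served else "upload-rejected"
    if route.endswith("/test.html"):
        return "test-page-exposed" if served else "test-page-probe"
    return "connector-access"

def scan(log_text):
    """Map client IP -> ordered list of labels; unparseable lines are skipped."""
    findings = defaultdict(list)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m and (label := classify(m["method"], m["path"], m["status"])):
            findings[m["ip"]].append(label)
    return dict(findings)

def high_priority(findings):
    """Clients that were served the test page and also had a POST accepted."""
    return sorted(ip for ip, labels in findings.items()
                  if "test-page-exposed" in labels and "upload-accepted" in labels)

if __name__ == "__main__":
    result = scan(SAMPLE_LOG)
    for ip, labels in result.items():
        print(ip, labels)
    print("investigate first:", high_priority(result))
```

A 2xx response to a POST only shows that the handler answered, so confirm by checking the upload directory for files created at that time. If the test page is being served at all, remove it or restrict access to the connectors directory to authenticated administrators.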
