Friday, 6 July 2012

WEBSITE HACKING USING FCKeditor VULNERABILITY


WEBSITE HACKING USING FCKeditor VULNERABILITY

Welcome again to "torrenterz  - An approach to introduce people with the truth of HACKING".

Today i teach you how to hack a website with FCKeditor Vulnerability. 

Lets Hack

Open Google

Search for DORK
Type: "inurl:/HTMLEditor/editor/filemanager/connectors/" without quotes

You see a webpage like that


 Ok now just replace things after “connectors/to “uploadtest.html”

Example :: http://www.victim.com/HTMLEditor/editor/filemanager/connectors/uploadtest.html 



Now select the file u want to upload
Browse the file and send it to server
You will get a POPUP to successfully file uploaded.

Viewing The File:

Just go to 

“http://www.website.com/Uploaded File URL:

  

If u get errors likes

Uploder Disabled & Content Forbidden

Try Another Website
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)