WordPress FCKeditor Upload Vulnerability: Upload Your Deface Remotely



This method is also known as the OpenCart CMS (web shop) exploit. It's an old vulnerability, but many people don't know about it, so I'm publishing a tutorial here.

1- Open Google.com and enter the dork:

• inurl:admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html
  or
• inurl:Powered By OpenCart

You'll get a lot of websites from Google; select any one. For example, I got this one:

• http://www.schoolshopper.com.au/

Then I'll simply add the vulnerable URL after the website.

Example:

• http://www.schoolshopper.com.au/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html

(The path may be different on other websites, e.g. Examplesite.com/abc/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html)

Now a page will open like this:



Now see the connector option at the top left of the page and change the connector to PHP (see the image below).

Now find the file upload option and upload your deface or shell.
To check the shell or deface, visit:
• www.site.com/deface.html
• or
• www.site.com/shell.php
I have uploaded xd.html here so you can check http://www.schoolshopper.com.au/xd.html
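From the defender's side, the useful takeaway is that every step above leaves a trace in the web server's access log: a GET of test.html under the connectors directory, a POST to the connector script, and then a fetch of a file that never existed before. The script below is an added example (not code from the original post or from OpenCart) that scans access-log lines for that sequence and checks a document root for leftover FCKeditor connector directories. The log lines are constructed with documentation IP addresses; the connector.php file name is FCKeditor's PHP connector script, which the post does not name but which lives under the same connectors directory as test.html.

```python
import re
import tempfile
from pathlib import Path

# Path fragment shared by FCKeditor's file-manager connector scripts; the
# test.html page from the post sits directly under this directory.
CONNECTOR_FRAGMENT = "/fckeditor/editor/filemanager/connectors/"

# Combined/Common Log Format: client IP, timestamp, request line, status code.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log (documentation IPs, not real traffic). 203.0.113.7
# loads test.html, POSTs to the PHP connector, then views the new file.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:58 +0000] "POST /admin/view/javascript/fckeditor/editor/filemanager/connectors/php/connector.php HTTP/1.1" 200 312 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Oct/2023:13:56:10 +0000] "GET /index.php?route=product/category&path=20 HTTP/1.1" 200 8801 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:56:30 +0000] "GET /xd.html HTTP/1.1" 200 2210 "-" "Mozilla/5.0"
"""


def parse_line(line):
    """Parse one access-log line into ip/method/path/status, or None if malformed."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {
        "ip": m["ip"],
        "method": m["method"],
        "path": m["target"].split("?", 1)[0],  # drop the query string
        "status": int(m["status"]),
    }


def scan_access_log(text):
    """Return (ip, kind, path) findings in log order.

    kind is 'fckeditor-connector' for any request under the connector
    directory, and 'possible-uploaded-file' for a later successful GET of a
    .php/.html/.htm file by a client that already touched the connector
    (the probe -> upload -> view pattern). The second kind is a heuristic:
    ordinary PHP page views by the same client will also be flagged.
    """
    findings = []
    touched = set()  # client IPs that have hit the connector directory
    for raw in text.splitlines():
        rec = parse_line(raw)
        if rec is None:
            continue
        path = rec["path"]
        if CONNECTOR_FRAGMENT in path:
            findings.append((rec["ip"], "fckeditor-connector", path))
            touched.add(rec["ip"])
        elif (rec["ip"] in touched and rec["method"] == "GET"
              and rec["status"] == 200
              and path.lower().endswith((".php", ".html", ".htm"))):
            findings.append((rec["ip"], "possible-uploaded-file", path))
    return findings


def find_connector_dirs(docroot):
    """List FCKeditor connector directories still present under docroot.

    After the connectors directory is removed (or the editor replaced) this
    should return an empty list.
    """
    tail = ("fckeditor", "editor", "filemanager", "connectors")
    return sorted(
        p for p in Path(docroot).rglob("connectors")
        if p.is_dir() and tuple(p.parts[-4:]) == tail
    )


def make_demo_docroot():
    """Create a throwaway tree laid out like the admin path in the post
    (constructed for demonstration; returns the temporary root)."""
    base = Path(tempfile.mkdtemp())
    (base / "admin/view/javascript/fckeditor/editor/filemanager/connectors").mkdir(parents=True)
    (base / "catalog/view/javascript").mkdir(parents=True)
    return base


if __name__ == "__main__":
    for ip, kind, path in scan_access_log(SAMPLE_LOG):
        print(f"{kind:24} {ip:15} {path}")
    print(find_connector_dirs(make_demo_docroot()))
```

Run it against a real access log by passing the file contents to `scan_access_log`, and point `find_connector_dirs` at the site's document root; the mitigation is to remove the connectors directory (or deny it at the web server), and the second check is there so you can confirm it is actually gone.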

Comment here if you have any problem with this tut.
Victoire
Some demos for practice (maybe some websites are patched; it's my old collection, so...)



    • http://ruthsgarden.com/jaihind.html
    • http://www.utahflowers.net/jaihind.html
    • http://www.eesnet.org/jaihind.html
    • http://bestonlinediscounts.net/
    • http://wenrestaurant.com/
    • http://ruthsgarden.com/
    • http://www.utahflowers.net/
    • http://www.inlove.my/
    • http://megamall.com.pk/
    • http://stefanyboutique.com/
    • http://www.virtualgeorge.info/
    • http://iphoneclone.biz/
    • http://amourcristallis.com/
    • http://www.eesnet.org/
    • http://www.schoolshopper.com.au/
    • http://www.mymaxi.nl/
    • http://wiretek.net/
    • http://shop.tjokgus.com/
    • http://www.aquariumsystem.it/
    • http://uae-shopper.com/
    • http://organicjewelries.com/
    • http://www.granmasantiques.com/
    • http://avocadogenie.com/
    • http://www.inputandanalysis.com
    • http://eddiegifts.com/
