Hello friends here is Another Remote Upload Vulnerability, its TinyMCE ajaxfilemanager.
you can easily upload your desired web page and hack the site easily...
so lets do it..
Open Google.com and enter this dork :GOOGLE DORK
"tiny_mce/plugins/ajaxfilemanager"
select the website you want to hack form search results
the vuln website will be like given below
http://site.com/[path]/jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php
you can upload .txt],[.jpg],[gif],[bmp] files here ... you can upload your shell in some sites as php;.jpg but in most sites you can upload txt deface only :|
You'll see your uploded file here
http://site.com/images/yourfilehere
or http://site.com/uploded/tmp/yourfilehere
Note: The Path May be chnaged in other websites, I' Not sure about it.
DO share this information and tell you friends to like us in Facebook to learn new hacking stuff...Stay connected with DARKSITE
Home
»
Hacking
»
RTE Vulnerability
»
Website Hacking
»
Website Vulnerability
» TinyMCE ajaxfilemanager remote File Upload Vulnerability for defacing site ealisly
Subscribe to:
Post Comments (Atom)
Post a Comment
Post a Comment
Feel Free To Ask Your Query we Love To Answer