OpenCart vulnerability
With the OpenCart vulnerability you can either upload a deface or hack a website easier than ever before!
Steps:
1) Use this google Dork: Index of /fckeditor/editor/filemanager/connectors/
2)Now open a site that shows files and folders. Navigate to connectors if it's not there already and press the file test.html
3) Now, change the settings from ASP to PHP, select where your file will be uploaded (default is root), browse your shell and press upload. Now you have a shell uploaded!
4) If it doesn't let you upload php, upload your deface in html or if that's disabled too, try uploading it as an image or use some special shells with image extentions.
5) If none of these work then your target is not vulnerable!
Steps:
1) Use this google Dork: Index of /fckeditor/editor/filemanager/connectors/
2)Now open a site that shows files and folders. Navigate to connectors if it's not there already and press the file test.html
3) Now, change the settings from ASP to PHP, select where your file will be uploaded (default is root), browse your shell and press upload. Now you have a shell uploaded!
4) If it doesn't let you upload php, upload your deface in html or if that's disabled too, try uploading it as an image or use some special shells with image extentions.
5) If none of these work then your target is not vulnerable!
Comments
Post a Comment