HACK WordPress Websites | OpenCart CMS File Upload vulnerability



This is a very easy technique for exploiting a WordPress website by uploading a deface page or shell..!!!

So here is the procedure:


1- Open Google.com and enter the dork:
    inurl:admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html
    or
    inurl:Powered By OpenCart

    You'll get a lot of websites from Google; select any one.
    You have to search a lot to find good, fresh vulnerable websites. :P
    For example, I got this one:
    http://www.schoolshopper.com.au/
    Then I'll simply add the vuln URL after the website:

    http://www.schoolshopper.com.au/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html

    (The path may be changed on other websites, for example Examplesite.com/abc/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html)

    Now a page will open.

    Now see the connector option at the top left of the page and change the connector to PHP.

    Now see the file upload option and upload your deface or shell:
    http://www.schoolshopper.com.au/Cyb3r_dev(1).htm

    To check the shell or deface, open this URL:
      www.site.com/deface.html
      or
      www.site.com/shell.php
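    For a site owner, the path in step 1 is the thing to look for on your own server. The following is an added example, not part of the original post: it walks a document root, flags the FCKeditor connector test page, and reports any PHP or HTML file that is not in a deployment manifest. The manifest, the extension list and the function name are assumptions made for the example.

```python
"""Audit a web root for the exposure described in the post (added example)."""
import os

# Path suffix from the post: FCKeditor's file-manager connector test page.
CONNECTOR_TEST = "fckeditor/editor/filemanager/connectors/test.html"
# Assumption: extensions a browser or PHP handler would render or execute.
ACTIVE_EXTS = {".php", ".phtml", ".phar", ".htm", ".html"}


def audit_webroot(root, manifest):
    """Return sorted (kind, relative_path) findings for a document root.

    manifest: set of relative paths shipped by the deployment (hypothetical
    baseline, e.g. generated from the release archive).
    """
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            rel = os.path.relpath(os.path.join(dirpath, name), root)
            rel = rel.replace(os.sep, "/")
            if rel.lower().endswith(CONNECTOR_TEST):
                # The test page drives the upload connector; remove it
                # (and the connectors it fronts) from production.
                findings.append(("exposed-connector-test", rel))
            ext = os.path.splitext(name)[1].lower()
            if ext in ACTIVE_EXTS and rel not in manifest:
                # Active content that the deployment never shipped.
                findings.append(("unexpected-active-file", rel))
    return sorted(findings)


if __name__ == "__main__":
    import tempfile
    # Constructed sample tree: one shipped file, the test page, one stray file.
    shipped = {"index.php", "admin/view/javascript/" + CONNECTOR_TEST}
    with tempfile.TemporaryDirectory() as root:
        for rel in sorted(shipped | {"shell.php"}):
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            open(path, "w").close()
        for kind, rel in audit_webroot(root, shipped):
            print(kind, rel)
```

    A test page that is listed in the manifest is still reported, because shipping it is itself the problem.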




    Copyright © 2011 | Platinum Theme Converted into Blogger Template by devzcyberarena