Pages

Subscribe:

Wednesday, February 29, 2012

Web Hacking: Deface and Shell Upload Vulnerability

Some of sites have file upload option. You can use this vulnerability and upload your deface and shell. Let's see about this vulnerability.



Google Dork : "intext:File Upload by Encodable"

First open google.com and put intext:File Upload by Encodable in search box. You have got so many result. But all are not our vulnerable sites. You must select sites which have a title Upload a File. Open a site and you can see a upload form in the site. Give any description. You may give email address like admin@microsoft.com or leader@nasa.gov


Now choose your file and upload it.. Lolz our work already finish. After upload you need to find the link. For find the link you may try this url

/upload/files/
or /upload/userfiles/
Happy Hacking... xd 

4 comments:

  1. you are aware this link does not work right?

    ReplyDelete
  2. ok demo isn't working.. but you can follow the instraction..

    ReplyDelete
  3. Mate, Does this bug allow attacker to upload shells?

    ReplyDelete
  4. Hey can you send me the xd.html ... please ?

    give me your email address.

    ReplyDelete

Related Posts Plugin for WordPress, Blogger...
 

Alexa Rank

Review www.allitemz.blogspot.com on alexa.com

Blog Archive

Total Pageviews

Your IP

what is my ip address?
back to top