Trending: TeCh ZoNe

Saturday, October 20, 2012

File viewer exploit | remote file upload vulnerability

"file viewer" is just another remote file upload vulnerability, it allows you to upload .html .txt and .jpg files, for shell uploading try .php.jpg or php shell uploading with extention changing |
Tamper data or Live Http headers




Dorks: "file viewer for uploader" 

                     or 
"File viewer for Uploader (c) 2003 by Dirk Paehl"


after clicking on site you'll get site url like this :

http://www.site.com/view.php

             or
http://www.site.com/directory/view.php

now replace view.php with upload.php


http://www.site.com/upload.php


 and you'll get upload options there !!!

in some sites it will ask for Name and Password
default password for these websites is Admin 


Name = Admin
Password= admin (in small letters)


 upload shell,deface,image etc...  


 LIVE EXAMPLE: 

http://www.ldcc.net.au/uploaden/-=U.H-=.html

All Rights Reserved TeCh ZoNe | Blogger Template by Bloggermint
back to top