Thursday, 20 December 2012

Wp FckEditor Tutorial

This Method also Known as Open Cart OpenCart CMS (Web shop) Exploit, Its a old Vunerablity but many pepoles don't know this ... so i'm publishing here a tutorial here

1- open and enter
Dork: inurl:admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html
inurl:Powered By OpenCart

You'll Got a lot of websites by google, select anyone ... For Example i got this one
Then i'll will simply add the vuln URL after the website


(The path May be chnaged in other Website , Example

Now a Page will be open Like This

Now See The connector option which is on top left side on page, Change The Connector into PHP

and Now see file upload option and upload your deface or shell

and for checking shell or deface check this url


Post a Comment