"Encodable" ~ another Deface and shell upload Vulnerablity



Title : "Encodable" ~ another FILEUPLOAD Vulnerablity
safe_image.php (90×90)Google Dork : "intext:File Upload by Encodable"

Lets Start .. xd
open google.com and enter this dork :  "intext:File Upload by Encodable"
result comes with 166,000 results but some results are fake ... its may be malwaers 
so pick real things only , "Upload a file"  You will this title in search results here :)
click the sites sites only which comes with upload a file title 
after click the link you'll got a upload form 
you'll saw some options in this form like name Description email etc ...
 type anything in these boxes but add a email in email box, dont use your own 
put this one billy@microsoft.com , admin@nasa.gov etc :P

now choose you file and upload it :) 

after clicking on upload button a pop up will be open ... dont close it, it will automatilcly closed 
after uploading file 

in some sites you'll got you uploaded file link after uploading on website 
and if you did not file it then try these url
/upload/files/
or /upload/userfiles/

Live Demo : http://150.101.230.65:8008/cgi-bin/filechucker.plx
Uploaded page : http://150.101.230.65:8008/upload/files/xd.html

Must Leave a Cooment because new article's Posting depends on old article's Populartiy 

"Winners Don't Do Diffrent Things, 
                            They Do things Diffrently "



Tags: , , ,


Share your views...

0 Respones to ""Encodable" ~ another Deface and shell upload Vulnerablity"

Post a Comment

Subscribe to: Post Comments (Atom)
 

About Me

Unknown
View my complete profile

© 2010 Dorks Night All Rights Reserved Thesis WordPress Theme Converted into Blogger Template by Hack Tutors.info