API tools faq
paste
Advertisement
Kyfx

Tutorial Deface Ajax File Manager | File Upload Vulnerabilit

Kyfx
Feb 18th, 2015
506
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.09 KB | None | 0 0
raw download clone embed print report
  1. Credits to haurgeulis
  2.  
  3. This time I will share how to deface the exploits
  4. Ajax File Manager | File Upload Vulnerability .
  5. Exploitnya very easy to put into practice.
  6. Suitable for newbie just learning to deface, rich mine :).
  7. Okay, we just started. Hehehe.
  8.  
  9. Example:http://dulichhoangnguyen.com/plugins/tinymce/plugins/ajaxfilemanager/ajaxfilemanager.php?page=51
  10.  
  11. Dork:
  12. inurl: "ajaxfilemanager.php? page =" intitle: "ajax file manager" (developed its own)
  13. . Files ending in .txt Steps: 1. Start search in google with dork targets above. :)
  14.  
  15.  
  16.  
  17. Then upload files pal. File h aru s extension .txt. Sebaagi example, I menguplaod filedengan name Haurgeulis .txt
  18. If so, click the file that was uploaded pal.
  19.  
  20.  
  21. Will open a link where the file is located pal. :)
  22. http://dulichhoangnguyen.com/data/upload/haurgeulis.txt
  23.  
  24.  
  25.  
  26. Here are some site hacked by him :)
  27.  
  28. http://www.cansigliocard.it/uploads/haurgeulis.txt
  29. http://www.bajkolandiasalazabaw.pl/content/images/haurgeulis.txt
  30. http://www.academconsult.ru/uploaded/haurgeulis.txt
  31. http://dulichhoangnguyen.com/data/upload/haurgeulis.txt
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!