Encodable Shell File upload is also a vulnerability in which we can upload our DEFACE PAGES or SHELLS...
STEPS:
1) Goto google and type in the following dork:
2) Many results will be there but some of them will be fake ! So you just want to open of which 's title is "Upload File" or something like that!
STEPS:
1) Goto google and type in the following dork:
"intext:File Upload by Encodable"
2) Many results will be there but some of them will be fake ! So you just want to open of which 's title is "Upload File" or something like that!
3) Now you will get this upload form ! Fill it and choose your DEFACE PAGE or SHELL ! Dont type in you real email address in the EMAIL ADDRESS textbox! Write anything in email address text box like "admin@yahoo.com" "bius@biaas.com" enter the captcha and press begin upload!
4) Now the website will give you the URL of your file! or if they doesnt give you then try typing these after "site.com/" :
upload/files/
upload/userfiles/
5) Open the URL and here you go...! You will get the shell if you upload shell! and deface page if you upload DEFACE PAGE
ENJOY... :)
HAPPY HACKING
HAPPY HACKING
THANKS 4 VISITING OUR BLOG!
This comment has been removed by a blog administrator.
ReplyDelete