hi everyone
in this article i will show you how to hack website using file upload forms
before stating you have to find some vulnerable site to upload files like
shells.By uploading shell you can takeover the database of a site.
here are some dorks for finding file upload forms
Index of /fckeditor/editor/filemanager/connectors/
inurl:"/imce?dir=" intitle:"File Browser"
inurl:rte/my_documents/my_files
inurl:/my_documents/my_files/
intitle:Max's AJAX File Upload - AJAX F1
Powered by AJAX F1
intitle:File Uploader intext:Powered by AJAX F1
now click on any results
and you will enter to the link where you can upload your files
now upload the shell
before uploading change the extension of the shell to jpg or html
because it most of the sites do not accept files in .php or .asp etc .
hope you like this article
if you have any doubts you can leave your comments
and please like our facebook page
No comments:
Post a Comment