Sunday 29 January 2012

KindEdior Remote File Upload exploit

KindEdior Remote File Upload exploit 

image_2317127.original.jpg (250×251) 
Google Dork :
 intitle:index of? inurl:kindeditor
inurl:examples/uploadbutton.html

 exploit:http://www.vulnrabewebsite.com/path/kindeditor/examples/uploadbutton.html

Choose any website from google search results and goto vulnrabel url
like http://www.vulnrabewebsite.com/kindeditor/examples/uploadbutton.html
now click on upload n select your file, it will be automaticly uploaded,
 and you'll got your uploaded file Link/URL there, and if you can't get your uploaded file link then goto http:// www.vulnrabewebsite.com/path/kindeditor/attached/file/
and you'll se lot of folders here, click on last folder and in the folder click on last file, its your uploaded file ..Enjoy & Must leave a Comment if you want more exploit like that, because 
new article's posting depends on old article's popularity

Live Demo : 
http://www.arimlab.com/themes/default/js/kindeditor/examples/uploadbutton.html

No comments:

Post a Comment