HomeclosedFAQRegisterLog in

Share | 
 

 Drupal Remote File Upload Vulnerability

Go down 
AuthorMessage
V1P3R
WhiteHat Support
WhiteHat Support
avatar

Posts : 76
White Hat Points : 202
White Hat Reputation : 10
Join date : 2013-07-30

PostSubject: Drupal Remote File Upload Vulnerability    Wed Aug 14, 2013 11:02 am

1) Search this google dork:
Code:
inurl:"/imce?dir="
intitle:"File Browser"
2) Click on any link that its title is "File Browser" among with something else

so you will find Screen like this
[You must be registered and logged in to see this image.]

3) Click on the "Upload" button

4) Upload your Deface Page

5) Click the link in the box to View the URL ...

_________________
Mess with the Best, Die like the Rest
Back to top Go down
xL337
VIP
VIP
avatar

Posts : 19
White Hat Points : 43
White Hat Reputation : 6
Join date : 2013-08-27

PostSubject: Re: Drupal Remote File Upload Vulnerability    Wed Aug 28, 2013 7:43 am

Old but still working. Thanks for sharing! Smile
Back to top Go down
 
Drupal Remote File Upload Vulnerability
Back to top 
Page 1 of 1

Permissions in this forum:You cannot reply to topics in this forum
Home of Ethical White Hat Hackers :: White Hat Hackers Community :: Hacking & Security Tutorials-
Jump to: