Monday, March 10, 2014

File upload vulnerability


1). Go to Google.com and type given below dork..
 allinurl: /cgi-bin/filechucker.cgi



2). Choose a site having title like “Upload a file”,

3). Fill all the fields and upload your deface page or shell..! 
4). Its Uploded :D You just hacked a site !!
As said above now we just have to upload our Deface page here the file uploaded url is given in example if not given you can found your uploaded file at.
example.com/upload/files     or
example.com/upload/userfiles
Here we have uploded our deface page...


Only for Educational purposes..!!

0 on: "File upload vulnerability"