Hello There, Guest! Login Register
Logo
Dismiss this notice
MaDLeeTs is not responsible for any attacks that are carried out on networks, websites or servers.
MaDLeeTs staff members cannot be held responsible.
All information on this forum is for educational purposes only.


Invalid File Type - FCKeditor - Shell Uploading

  • 1 Vote(s) - 5 Average


10-22-2014, 08:51 PM #1
b4ckd00r Offline Junior Member **
Registered
Posts:17 Threads:4 Joined:Sep 2014 Reputation: 1
Mood: Hacker
Friends i am not getting to Bypass upload of my shell via FCKeditor.

Types of files that i Try to Upload shell and Bypass.

shell.jpg.php
shell.jpg.PhP
shell.php;.jpg
shell.php%0delete0.jpg
shell.php.test
shell.php.xxxjpg
shell.phtml
shell.php3/.php4/.php5
shell.png
shell.gif
shell.txt

but i am not getting to bypass.
i think the bug of FCKeditor is fixed.
Can anyone Help me to solve this Problem?


Attached Files Thumbnail(s)
   

10-22-2014, 09:25 PM #2
the nightmare Offline TeaM MaDLeeTs ***
TeaM MaDLeeTs
Posts:301 Threads:49 Joined:Apr 2014 Reputation: 8
Mood: Hacker
try to upload .htaccess file to make jpg format run like php

10-22-2014, 09:38 PM #3
b4ckd00r Offline Junior Member **
Registered
Posts:17 Threads:4 Joined:Sep 2014 Reputation: 1
Mood: Hacker
the file gives the same error, must be Htaccess.Htaccess or Htaccess.txt or something ?

10-22-2014, 10:18 PM #4
Altair Offline MadLeets Lover *****
MaDLeeTs LoVer
Posts:79 Threads:8 Joined:May 2014 Reputation: 9
Mood: Dreamy
b4cd00r send me a website url private message, i try it for you

Telegram Chat room for MaDLeeTs members
https://t.me/joinchat/AAAAAAw32DdRbrjMJYstlg          


10-23-2014, 02:48 AM #5
T3N38R15 Offline ? lawless-coder *****
Moderators
Posts:790 Threads:48 Joined:Jan 2014 Reputation: 126
Mood: Fine
you can send me the url too Smiley1

[Image: xodhvlpa.jpg]
[Image: test.php]

10-23-2014, 05:53 AM #6
b4ckd00r Offline Junior Member **
Registered
Posts:17 Threads:4 Joined:Sep 2014 Reputation: 1
Mood: Hacker
Thank you friends i have done it. Smiley1

10-23-2014, 06:37 AM #7
D30N3 Offline TeaM MaDLeeTs ***
TeaM MaDLeeTs
Posts:31 Threads:0 Joined:Oct 2014 Reputation: 3
Mood: Thinking
Simply explain it and let us know the method please.

B 1 with Every 1

10-23-2014, 07:44 PM #8
Not1fy Offline Junior Member **
Registered
Posts:4 Threads:0 Joined:Oct 2014 Reputation: 0
Mood: None
Are you tried with Tamper data?

Security is just an Illusion [Image: terminal.gif]





10-24-2014, 02:34 PM #9
Altair Offline MadLeets Lover *****
MaDLeeTs LoVer
Posts:79 Threads:8 Joined:May 2014 Reputation: 9
Mood: Dreamy
share with us how to done it

Telegram Chat room for MaDLeeTs members
https://t.me/joinchat/AAAAAAw32DdRbrjMJYstlg          


10-25-2014, 11:15 PM #10
b4ckd00r Offline Junior Member **
Registered
Posts:17 Threads:4 Joined:Sep 2014 Reputation: 1
Mood: Hacker
i have done this with firefox temper data, first upload the file anon.htaccess in anon.text format, and then change the name in temper data to anon.htaccess and then upload your shell via http://www.site.com/admin/FCKeditor

Smiley1






Forum Jump:


Users browsing this thread:1 Guest(s)