Menu
 

Hello friends this is a upload vulnerability that allow you to upload your shell on the web server...so lets begin ..


Goto: google.com and
Enter this dork : "intext:File Upload by Encodable"

The search result open up with 166,000 results but some results are fake ... its may be malwaers
so pick real things only , "Upload a file" You will this title in search results here :)

click the sites sites only which comes with upload a file title
after click the link you'll got a upload form
you'll saw some options in this form like name Description email etc ...
type anything in these boxes but add a email in email box, dont use your own
put this one billy@microsoft.com , admin@nasa.gov etc :P

now choose you file and upload it :)

after clicking on upload button a pop up will be open ... dont close it, it will automatilcly closed
after uploading file

in some sites you'll got you uploaded file link after uploading on website
and if you did not file it then try these url
/upload/files/
or /upload/userfiles/

Live Demo


Live Demo : http://150.101.230.65:8008/cgi-bin/filechucker.plx
Uploaded page : http://150.101.230.65:8008/upload/files/darksite/Untitled.jpg


Hope You Liked My This Tutorial...Must Leave a Cooment because new article's Posting depends on old article's Populartiy Thanks :)

Post a Comment

Feel Free To Ask Your Query we Love To Answer

 
Top