So here is a new eggBlog Vulnerability that allow user to upload arbitrary files (if you know what i mean ha ha :) ).
lets get into it.
Hack Using Shell Upload
Go to google type powered by in search box.
Google Dork:"powered by"
You will get a list of search result now choose a link(like shown below)

Select any url ([path])and replace it with this one[path]/_lib/openwysiwyg/addons/imagelibrary/insert_image.php?wysiwyg=

Hack Using Shell Upload
now all you have to do now is upload you file(shell/whatever you like )
and access it with this kina url.


Live demo:




    So All the best hackers :)
  • Post a Comment

    Feel Free To Ask Your Query we Love To Answer