Shop737 - File Upload Vulnerabilities

Finding Vulnerable Target

Dork: intext:"Powered by Shop737"

1- Copy and paste this dork on Google.

2- Choose any site as your target.

3- Once you clicked on your target, you will see something like this,

Exploiting Target

1- To enable upload mode, you need to change a little bit the website URL.

Change index.php to upload.php


Example :

http://asdijateng.org/poto/index.php?

to

http://asdijateng.org/poto/upload.php


Hit enter and you will get an admin login prompt,

2- Simply enter the username and password as below:

User Name : admin
Password : admin


3- After you click Log In , you will get something like this,

4- As you can see, there is "Buat kategori baru:" , fill in the field your new category name as you like :)

Below the text, there is "Keterangan kategori:" , just leave it empty and just click  the "Buat Kategori" button.

5- Or you can just simply browse your file and click upload.

6- If your file is successfully uploaded, it will be in directory /poto/[category_name]/yourfile.txt

 Example:

www.site.com/poto/kd.txt
www.site.com/poto/bcc/kd.txt