Shop737 - File Upload Vulnerabilities
Finding Vulnerable Target
Dork: intext:"Powered by Shop737"
1- Copy and paste this dork on Google.
2- Choose any site as your target.
3- Once you clicked on your target, you will see something like this,
Exploiting Target
1- To enable upload mode, you need to change a little bit the website URL.
Change index.php to upload.php
Example :
http://asdijateng.org/poto/index.php?
to
http://asdijateng.org/poto/upload.php
Hit enter and you will get an admin login prompt,
2- Simply enter the username and password as below:
User Name : admin
Password : admin
3- After you click Log In , you will get something like this,
4- As you can see, there is "Buat kategori baru:" , fill in the field your new category name as you like :)
Below the text, there is "Keterangan kategori:" , just leave it empty and just click the "Buat Kategori" button.
5- Or you can just simply browse your file and click upload.
6- If your file is successfully uploaded, it will be in directory /poto/[category_name]/yourfile.txt
Example:
www.site.com/poto/kd.txt
www.site.com/poto/bcc/kd.txt