Here we will be using Tiny MCE Ajax File Manager to upload our shell.
TinyMCE AjaxFileManager Shell Upload is a vulnerability in TinyMCE which allows simple upload of .txt .jpg .png .jpeg .bmp and in some cases even allows us to upload PHP shell or a deface page.
The Dork: inurl:/tiny_mce/plugins/filemanager/
The dork will bring up this image.
This is the exploit
http://[localhost]/[path]/jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php
http://[localhost]/jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php
Navigate to any of the above links (any one of them will be present) and check the top right corner, you will see a upload option there. Click on it, select your file and click on upload.
To view your uploaded file visit
Good luck. Have fun. Make babies.
TinyMCE AjaxFileManager Shell Upload is a vulnerability in TinyMCE which allows simple upload of .txt .jpg .png .jpeg .bmp and in some cases even allows us to upload PHP shell or a deface page.
The Dork: inurl:/tiny_mce/plugins/filemanager/
The dork will bring up this image.
This is the exploit
http://[localhost]/[path]/jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php
http://[localhost]/jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php
Navigate to any of the above links (any one of them will be present) and check the top right corner, you will see a upload option there. Click on it, select your file and click on upload.
To view your uploaded file visit
Good luck. Have fun. Make babies.
Verified & Trusted WesternUnion | MoneyGram | Bank - Transferring [299$ BTC for 2000$ WU]
Verified & Trusted Electronics Carding, Carding iPhone, Samsung Carding, MacBook Carding, Laptops Carding
