The error FCKeditor (referred to as FCK) was discovered about 4 years ago, today Ad happened to try again and it turned out that there are still many unfixed sites, including some Vietnamese sites.
| Join the channel Telegram of the AnonyViet 👉 Link 👈 |
Exploiting the FCK error on the Website helps us to upload any file to the victim’s Web without Admin rights.
Today I will guide you to exploit this error, note, some sites go to the right path but can’t be uploaded because the website admin has fixed it, so I should find another site to exploit.
This article is for educational and research purposes only. You do not take advantage to destroy or damage the reputation of other people’s Website
How to proceed:
Step 1: Go to Google and type the command
inurl:fckeditor/editor/filemanager/connectors/uploadtest.html
Or click the link below for quick: FCK . mining link
Step 2: Go to one of the Websites listed by Google, to conduct error exploitation
VD: http://www.livegaya.com/public/fckeditor/editor/filemanager/connectors/
Step 3:
Click on the link uploadtest.html
There will be an upload table here
http://www.livegaya.com/public/fckeditor/editor/filemanager/connectors/uploadtest.html
Note:
- Select the “File Uploader” to use: Choose PHP
- Upload a new file: Upload a txt file to see. In the picture I will upload the file hacked.txt
- Press Send it to Server to upload
Uploaded File URL: This is the file path that has been uploaded to the Website.
So my newly uploaded file will have the path as:
http://www.livegaya.com/userfiles/hacked.txt
Good luck!
![[Lập Trình Game] Instructions for using AutoTile when designing games with Godot](https://anonyviet.com/wp-content/uploads/2020/04/image005.png "[Lập Trình Game] Instructions for using AutoTile when designing games with Godot")