interface Results editor is a New Bug in websites, it allow Hackers to edit pages remotly without any login, you can't upload .html .jpg and .phpfiles in this vulnreblity but you can make your deface as Text !! if you want to upload .html and other files then read these posts
so lets start
go to bing.com and type this dork : "inurl:interface/Results/editor/detail.asp?"
or goto google.com and type this dork : "inurl:/Results/editor/detail.asp"
select any website from serach results with Results -- Home tittle
and see edit button on page
after clicking on edit you'll got editing option, edit and replace it with your message
for example see live example:
example :
edit option : http://www.youngblood.org.pk/medicinecompanies_interface/Results/editor/edit.asp
After Editing : http://www.youngblood.org.pk/medicinecompanies_interface/Results/editor/detail.asp?CID=12345
and after editing make a Mirror (webcache), because someone can chnage it with thier own name, if site is already registerd on mirror site then goto turk-h.org and make mirror there
so lets start
go to bing.com and type this dork : "inurl:interface/Results/editor/detail.asp?"
or goto google.com and type this dork : "inurl:/Results/editor/detail.asp"
select any website from serach results with Results -- Home tittle
and see edit button on page
after clicking on edit you'll got editing option, edit and replace it with your message
for example see live example:
example :
edit option : http://www.youngblood.org.pk/medicinecompanies_interface/Results/editor/edit.asp
After Editing : http://www.youngblood.org.pk/medicinecompanies_interface/Results/editor/detail.asp?CID=12345
and after editing make a Mirror (webcache), because someone can chnage it with thier own name, if site is already registerd on mirror site then goto turk-h.org and make mirror there
Hello, my name is Aamir khan. I'm a 24year old blogger from Pakistan.
No comments:
Post a Comment
Your feedback is always appreciated. We will try to reply to your queries as soon as time allows.
Note:
1. Make sure to click the "Subscribe By Email" link below the comment to be notified of follow up comments and replies.
2. Please "Do Not Spam" - Spam comments will be deleted immediately upon our review.
3. Please "Do Not Add Links" to the body of your comment as they will not be published.
4. Only "English" comments shall be approved.
5. If you have a problem check first the comments, maybe you will find the solution there.