inurl:fckeditor -intext:"ConfigIsEnabled = False" intext:ConfigIsEnabled

  • 日期:2015-01-12
  • 类别:
  • 作者:anonymous
  • 语法:inurl:fckeditor -intext:"ConfigIsEnabled = False" intext:ConfigIsEnabled
  • inurl:fckeditor -intext:"ConfigIsEnabled = False" intext:ConfigIsEnabled

    Searches for fckeditor default url and which has a config.asp file where configisenabled = true. Unable to search for true value directly because file contains 'example' which could lead to false positive. If found, traversing two directories up to /connectors/ should present an uploadtest.html file.

    This may be old, though the existing DORKS didn't call it out specifically, and google still gives a lot of hits.