inurl:fckeditor -intext:"ConfigIsEnabled = False" intext:ConfigIsEnabled

• SHDB
• 1578 阅读

• 日期：2015-01-12
• 类别：
  • Advisories and Vulnerabilities
• 作者：anonymous
• 语法：inurl:fckeditor -intext:"ConfigIsEnabled = False" intext:ConfigIsEnabled

• inurl:fckeditor -intext:"ConfigIsEnabled = False" intext:ConfigIsEnabled

  Searches for fckeditor default url and which has a config.asp file where configisenabled = true. Unable to search for true value directly because file contains 'example' which could lead to false positive. If found, traversing two directories up to /connectors/ should present an uploadtest.html file.

  This may be old, though the existing DORKS didn't call it out specifically, and google still gives a lot of hits.