Sunday, February 12, 2012

Google dork "Index of /sh3llZ" allows you to find shell uploaded by hackers

Usually hackers upload shell to victim's site using the vulnerability in that website. Shell allows hackers to hack/deface the website. Sometimes hackers left the shell in the vulnerable sites.  Here is simple google search allows you to find a shell uploaded by hackers.

Use one of the following google dork to find the shell:
  • intitle:index of/sh3llZ
  • "Index of /sh3llZ"
  • "/sh3llZ/uploadshell/uploadshell.php"
This will show the list of sites that has a sh3llZ folder. Probably, there will be link to c99 shell.  If you click the link, it will land you in a shell page. Using that shell, you can upload your own shells or deface the sites.


Share This Article on Twitter/Facebook/Blog/Forum or Anywhere:

New Post Older Post Home

© Break The Security. Copyright 2008 All Rights Reserved Revolution Two Church theme by Brian Gardner Converted into Blogger Template by Bloganol dot com