Skip to main content


Showing posts with the label Exploit

IMCE Mkdir remote deface,upload & exploits

What is IMCE Mkdir ? IMCE Mkdir is a remote file upload vulnerability on drupal platform, normally you can upload .txt, .png , .jpg and .gif extensions on websites but some sites allows you to upload .html files , if you want to upload shell on website then try in .phtml extension . Google Dork inurl:"/imce?dir=" intitle:"File Browser" Exploit Shell Access* ----or-----* * Change the website name with your vulnerable website and abc with directory Step 1 : First of all find a vulnerable website using google dork stated above . Step 2: After opening site go to and find upload option there . Example : Step 3 : Now Upload your file which must be in either of the format : .jpg , .gif , .png , .html , .phtml , .pdf etc. Step 4 : To access your shell/defa