Skip to content

Gameye98/FaDe

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
.images
.images
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
fade.py
fade.py
 
 

Repository files navigation

FaDe

Fake deface with kindeditor, fckeditor and webdav is only add new files to the server, without touching anything on the server.

Method

~ KindEditor - upload files on the server with remote file upload exploit
~ FCKEditor - fckeditor all version arbitary vulnerability
~ WebDAV - webdav file upload exploiter uses the PUT method that allows clients to upload and replace files on the server

Screenshot

Installation and Using FaDe

apt-get install git python python-requests

git clone https://github.com/Gameye98/FaDe

python fade.py --method=method_name --file=<html|img>

Example

fade --method=kindeditor --file=/path/example.png

fade --method=fckeditor --file=/path/example.html

fade --method=webdav --file=/path/example.html

Live Target

KindEditor: http://www.nb-medicalsystem.com/kindeditor/examples/uploadbutton.html
Dork: inurl:/uploadbutton.html

FCKEditor: http://amarantenet.com.br/portal/editor/editor/filemanager/upload/test.html
Dork: inurl:/editor/editor/filemanager

WebDAV: http://ladesignstudio.co.za
Dork: intext:"(IIS)" ext:asp site:co.za

Contact Me

Line : dtl.lily
Telegram : @dtlily
Facebook : cgi.izo

About

Fake Deface

Resources

Readme

License

GPL-2.0 license
Activity

Stars

17 stars

Watchers

2 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages