Friday, July 20, 2012

IMCE Dir Exploit for Hacking Drupal Websites

Hey friends, yesterday i was going through the latest Google dorks and found really interesting stuff. You all will be amazed by knowing the functionality of that dork called as IMCE DIR exploit.

Using IMCE directory exploit we can upload our shells on websites which are made using DRUPAL platform and execute our shells and hence can easily hack the websites or simply say we can deface that website using that loophole. Actually let me provide you more information about this Drupal File Browser bug. IMCE directory opens the file browser of the website from where you can upload images to your websites, so guy for uploading your shells you need to rename your shells like say c99.php to c99.png or r60.php to r60.png etc..

Now lets learn how to deface website or hack website using this bug:
1. First of all open the Google and then type the below query in search box:

2.   Now search results will appear like below:

3. Now open the links like mentioned below:
4.  Now a File browser will open which will allow you to upload and navigate though files:

5. Now upload the shell by clicking on upload button.
6. Access the shell by double clicking on that.
7. Rest things you already know..

Note: This is only for educational purposes. Any misuse is not the responsibility of HackingLoops or me.

I hope you all have enjoyed the article... Keep Reading and keep learning new techniques to hack websites or deface websites...
If you have any doubts ask me in form of comments...


  1. Man i uploaded the Shell the c99.php.gif thingy But when i click it i see nothing but just a white blank page :|

  2. Anonymous says:
    July 21, 2012 4:14 AM
    Man i uploaded the Shell the c99.php.gif thingy But when i click it i see nothing but just a white blank page :|

    dude...try change execute file like phtml or other gudluck :)

  3. Hello excellent website! Does running a blog such as this take a large amount of work?
    I have very little understanding of programming however I had been hoping to start my
    own blog soon. Anyhow, if you have any suggestions or tips for
    new blog owners please share. I know this is
    off subject however I simply wanted to ask. Thanks!

    Visit my blog post - Nail Files ()


Please do not spam.

Designed by Hackingloops.