Follow us on Twitter!
Imagination is more valuable than knowledge - Albert Einstein
Wednesday, April 23, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 30
Guests Online: 25
Members Online: 5

Registered Members: 82878
Newest Member: defcon812
Latest Articles

Exploiting Dreamweaver

Arrow Image Exploiting Dreamweaver to get access to C: - very simple!



Alright, so we made a jump from FrontPage (*shudders at the pure awefulness of FrontPage*) to this program called Dreamweaver MX. Me and my friend where cruising through the assignments in Web Design (we knew html, and the teacher was teaching us how to do it with all this clicking and such...), so we decided to mess with Dreamweaver, and through 20 minutes, i found something fun. Anyways, here's the step-by-step:

1.) Run Dreamweaver
2.) Find the site menu dropdown and then go to "Manage Sites..."
3.) Click new and choose site
---loading time---
--from here, you should have a whole new window that guides you through a wizard--
4.) name the site > next
5.) choose whether or not you want to use server technology > next
6.) Where to edit & where to store your files. Now, in the "Where do you want to store your files?" textfield, simply put C:\ > next
7.) How do you want to connect to your remote server > next
8.) What folder do you want to store your files in, doesn't really matter, first time through i just put C:\ (which it will change to C:/ anyways) > next
9.) enable checking in and out of files > next
10.) summary - displays all of your choices, make sure everything you want in there is correct and hit done
---LONG loading time, this is going through every file in your "site", so it can display it. When it is done it will say "Saving cache to disk..." and finish the wizard.---
11.) Click done
---loading, will search for "new and changed files", can click stop if you're in a hurry.

Then, you now have access to the files in C:\ and can do some pretty fun stuff inside of Dreamweaver, have fun and don't do anything stupid ;)

This article is for educational purposes only, i take no responsability for what is done through this information and was tried and true in Dreamweaver MX 2004.

Comments

chislamon November 16 2006 - 01:49:06
nice little trick Grin
mastergameron November 16 2006 - 07:32:24
Nice, I might try that at school today
BluMooseon November 16 2006 - 13:00:49
Haha, ingenious Pfft Wouldn't av thought of that Pfft
only_samuraion November 16 2006 - 16:24:00
very nice idea mate. clever
AldarHawkon November 16 2006 - 20:56:01
easier way...make a small tool in Visual Basic 6.0 and compile it. All it needs is to be a file browser. and poof you have access to ALL networked drives on your network Wink
nights_shadowon November 17 2006 - 01:02:37
Wouldn't the sourcepath key in the registry disable you from cruising drives with that kind of program?
Flaming_figureson November 17 2006 - 03:03:57
Lol. How interesing- my school just downloaded dreamweaver (but for some reason the site is built on frontpage still. erg)
thk-h3xon May 22 2007 - 06:33:49
Sweet sploit, gonna try that Pfft
TWS_Sentinelon June 14 2007 - 01:37:27
I must have missed the point of this article. How is this a sploit?!? That's one of the main features of Dreamweaver! If you can browse C:\ through dreamweaver, you can browse it in WinExplorer. Its still requires the proper permissions. LOL Someone please explain how this is useful in anyway?!?
nights_shadowon August 21 2007 - 18:43:38
Oh, sorry that i didn't see your reply earlier. I don't typically check comments on my articles... This isn't exactly a "sploit", it just uses dreamweaver to exploit Group Policy settings, as you MUST have certain rights to even run Dreamweaver. These rights are what allows you to do this with Dreamweaver. As with WinExplorer and MANY other programs, it's easy to disable read rights and the program would still work fine.
Post Comment

Sorry.

You must have completed the challenge Basic 1 and have 100 points or more, to be able to post.