Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Exploiting Dreamweaver


Exploiting Dreamweaver

By ghostghost | 5852 Reads |
0     0

Alright, so we made a jump from FrontPage (shudders at the pure awefulness of FrontPage) to this program called Dreamweaver MX. Me and my friend where cruising through the assignments in Web Design (we knew html, and the teacher was teaching us how to do it with all this clicking and such…), so we decided to mess with Dreamweaver, and through 20 minutes, i found something fun. Anyways, here’s the step-by-step:

1.) Run Dreamweaver 2.) Find the site menu dropdown and then go to “Manage Sites…” 3.) Click new and choose site —loading time— –from here, you should have a whole new window that guides you through a wizard– 4.) name the site > next 5.) choose whether or not you want to use server technology > next 6.) Where to edit & where to store your files. Now, in the “Where do you want to store your files?” textfield, simply put C:; > next 7.) How do you want to connect to your remote server > next 8.) What folder do you want to store your files in, doesn’t really matter, first time through i just put C:; (which it will change to C:/ anyways) > next 9.) enable checking in and out of files > next 10.) summary - displays all of your choices, make sure everything you want in there is correct and hit done —LONG loading time, this is going through every file in your “site”, so it can display it. When it is done it will say “Saving cache to disk…” and finish the wizard.— 11.) Click done —loading, will search for “new and changed files”, can click stop if you’re in a hurry.

Then, you now have access to the files in C:; and can do some pretty fun stuff inside of Dreamweaver, have fun and don’t do anything stupid ;)

This article is for educational purposes only, i take no responsability for what is done through this information and was tried and true in Dreamweaver MX 2004.

Comments
ghost's avatar
ghost 18 years ago

nice little trick :D

ghost's avatar
ghost 18 years ago

Nice, I might try that at school today

ghost's avatar
ghost 18 years ago

Haha, ingenious :P Wouldn't av thought of that :p

ghost's avatar
ghost 18 years ago

very nice idea mate. clever

AldarHawk's avatar
AldarHawk 18 years ago

easier way…make a small tool in Visual Basic 6.0 and compile it. All it needs is to be a file browser. and poof you have access to ALL networked drives on your network ;)

ghost's avatar
ghost 18 years ago

Wouldn't the sourcepath key in the registry disable you from cruising drives with that kind of program?

Flaming_figures's avatar
Flaming_figures 18 years ago

Lol. How interesing- my school just downloaded dreamweaver (but for some reason the site is built on frontpage still. erg)

ghost's avatar
ghost 17 years ago

Sweet sploit, gonna try that :P

ghost's avatar
ghost 17 years ago

I must have missed the point of this article. How is this a sploit?!? That's one of the main features of Dreamweaver! If you can browse C:\ through dreamweaver, you can browse it in WinExplorer. Its still requires the proper permissions. LOL Someone please explain how this is useful in anyway?!?

ghost's avatar
ghost 17 years ago

Oh, sorry that i didn't see your reply earlier. I don't typically check comments on my articles… This isn't exactly a "sploit", it just uses dreamweaver to exploit Group Policy settings, as you MUST have certain rights to even run Dreamweaver. These rights are what allows you to do this with Dreamweaver. As with WinExplorer and MANY other programs, it's easy to disable read rights and the program would still work fine.