Exploiting Dreamweaver
Exploiting Dreamweaver
ghost | 5693 Reads | Alright, so we made a jump from FrontPage (shudders at the pure awefulness of FrontPage) to this program called Dreamweaver MX. Me and my friend where cruising through the assignments in Web Design (we knew html, and the teacher was teaching us how to do it with all this clicking and such…), so we decided to mess with Dreamweaver, and through 20 minutes, i found something fun. Anyways, here’s the step-by-step:
1.) Run Dreamweaver 2.) Find the site menu dropdown and then go to “Manage Sites…” 3.) Click new and choose site —loading time— –from here, you should have a whole new window that guides you through a wizard– 4.) name the site > next 5.) choose whether or not you want to use server technology > next 6.) Where to edit & where to store your files. Now, in the “Where do you want to store your files?” textfield, simply put C:; > next 7.) How do you want to connect to your remote server > next 8.) What folder do you want to store your files in, doesn’t really matter, first time through i just put C:; (which it will change to C:/ anyways) > next 9.) enable checking in and out of files > next 10.) summary - displays all of your choices, make sure everything you want in there is correct and hit done —LONG loading time, this is going through every file in your “site”, so it can display it. When it is done it will say “Saving cache to disk…” and finish the wizard.— 11.) Click done —loading, will search for “new and changed files”, can click stop if you’re in a hurry.
Then, you now have access to the files in C:; and can do some pretty fun stuff inside of Dreamweaver, have fun and don’t do anything stupid ;)
This article is for educational purposes only, i take no responsability for what is done through this information and was tried and true in Dreamweaver MX 2004.
AldarHawk 17 years ago
easier way…make a small tool in Visual Basic 6.0 and compile it. All it needs is to be a file browser. and poof you have access to ALL networked drives on your network ;)
ghost 17 years ago
Wouldn't the sourcepath key in the registry disable you from cruising drives with that kind of program?
Flaming_figures 17 years ago
Lol. How interesing- my school just downloaded dreamweaver (but for some reason the site is built on frontpage still. erg)
ghost 16 years ago
I must have missed the point of this article. How is this a sploit?!? That's one of the main features of Dreamweaver! If you can browse C:\ through dreamweaver, you can browse it in WinExplorer. Its still requires the proper permissions. LOL Someone please explain how this is useful in anyway?!?
ghost 16 years ago
Oh, sorry that i didn't see your reply earlier. I don't typically check comments on my articles… This isn't exactly a "sploit", it just uses dreamweaver to exploit Group Policy settings, as you MUST have certain rights to even run Dreamweaver. These rights are what allows you to do this with Dreamweaver. As with WinExplorer and MANY other programs, it's easy to disable read rights and the program would still work fine.