how to upload deface remotly
this method also known as open cart opencart cms (web shop) exploit, its a old vunerablity but many pepoles don't know this ... so i'm publishing here a tutorial here

1- open and enter dork:


nurl:powered by opencart
you'll got a lot of websites by google, select anyone ... for example i got this one
school shopper home page
then i'll will simply add the vuln url after the website

fckeditor - connectors tests

(the path may be chnaged in other website ,

now a page will be open like this

now see the connector option which is on top left side on page, change the connector into php (see the image below)

and now see file upload option and upload your deface or shell
and for checking shell or deface check this url