Joomla! Component com_jfuploader < 2.12 - Arbitrary File Upload

• Exploit Database
• 37 阅读

• 作者： Setr0nix
  日期： 2010-10-30
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/15353/

• =========================================================================================================
  [#]Type: Joomla Component com_jfuploader < 2.12 Remote File Upload
  [#]Author: Setr0nix
  [#]Home: www.Setr0nix.com
  [#]Contact : Admin@Setr0nix.com
  =========================================================================================================
  
  [#]Exploit :
   1. Register 
  	 2. http://127.0.0.1/index.php?option=com_jfuploader&Itemid=[Itemid]
  	 3. Download One gif Image ( Example : http://www.google.com/images/logo.gif )
  	 4. Open logo.gif In Notepad++ And Got to Last Line
  	 5. Copy And Past You PHP Code After The Last Line ( Don't Delete Any Thing Of Image Code )
  	 6. Save It , Ctrl + S
  	 7. Rename logo.gif To logo.php.gif And Upload It From com_jfuploader
  	 8. To Run Your Uploaded File Go To This Link : http://127.0.0.1/files/YourUsername/logo.php.gif
  	 
  =========================================================================================================
  [#]S T T :
   All Iranian Hackers , Offensive Security , Inj3ct0r , SecurityReason
  =========================================================================================================