Kamis, 04 Agustus 2016

Joomla Component com_jwallpapers Arbitrary File Upload

==================================================================
Title: Joomla Component com_jwallpapers Arbitrary File Upload
Author: Mr. Error 404 - IndoXploit
Google Dork: inurl:/index.php?option=com_jwallpapers
vuln: /index.php?option=com_jwallpapers&task=upload
output vuln: {"jsonrpc" : "2.0", "result" : null, "id" : "id"}
Thanks to: ./Mister-Y404 & All Member IndoXploit
Greetz: Sanjungan Jiwa - Defacer Tersakiti Team
==================================================================

CSRF Xploit Code:
-> http://pastebin.com/2YenMhz3


NB: Ubah bagian shell_kalian.php dengan nama shell yang kalian ingin kan ( ex: shell.php ), dan juga shell yang kalian upload harus ber-extensi .jpg (ex: shell.jpg). Tanpa haarus menggunakan tamper data dan sebagainyaa.

Setelah Kalian Xploit, maka hasilnya akan tetap sama seperti ini:


tidak ada tulisan error sama sekali.
Shell akses: http://target.com/jwallpapers_files/plupload/shell_kalian.php

Load disqus comments

0 komentar

Comments
0 Comments