• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

LinuxSec Exploit

Nothing is Ever Locked

  • XSS Payloads
  • About Us

Cara Mudah Upload Shell [Pasang Backdoor] di Web Joomla

April 28, 2013 by Jack Wilder 20 Comments

Kali ini saya akan share cara mudah upload shell di web CMS Joomla. kadang kita masih bingung saat menemukan web Joomla namun tidak tahu cara upload shell. Oleh karena itu kali ini saya akan berbagi trik upload shell di Joomla.
Step 1 :
Oke, saya anggap kalian sudah login ke Web Joomla. Klik Global Configuration.
Lihat Gambar :

Step 2:
Lalu klik bagian System :
Perhatikan sub bagian dibawahnya :
Legal Extensions (File Types) : tambahkan ekstensi php
Restrict Uploads : pilih NO
Check MIME Types : pilih NO
Legal Image Extensions (File Types) : tambahkan ekstensi php
Legal MIME Types : tambahkan image/php

Lalu klik save

Step 3:
Klik menu Media Manager
Upload Shell disitu.

Step 4 :
Sekarang kita panggil shellnya.
Lokasiya di http://[site]/images/[shell.php]

Sekarang terserah anda mau diapain tuh situs. Mau dideface terserah. :p
Sekian tutorial kali ini. Semoga bermanfaat.

Shares

Filed Under: Uncategorized Tagged With: Hacking

Reader Interactions

Comments

  1. febriansyah haq says

    April 28, 2013 at 10:46 pm

    Gampang banget sobat 🙂

    Reply
    • chiaki says

      April 28, 2013 at 11:37 pm

      Sipp

      Reply
  2. Brebes VS Lamongan says

    April 29, 2013 at 1:43 am

    kunjungangan siang sob nyimak sekalian mau cari yang baru

    Reply
    • chiaki says

      April 29, 2013 at 6:37 pm

      Apanya ?

      Reply
  3. Deby Putra Bahrodin says

    April 29, 2013 at 2:17 am

    simple sekali ya, tapii kalo keamanannya bagus pasti susah mas, tidak sesimple ini

    Reply
    • chiaki says

      April 29, 2013 at 7:36 am

      seharusnya ada yang lebih mudah dari ini. pake einztein uploader. :p

      Reply
  4. Muroi El-Barezy says

    April 29, 2013 at 4:55 am

    saya belum pernah make joomla sob, tapi trimakasih sob, siapa tahu nanti tertarik

    Reply
    • chiaki says

      April 29, 2013 at 6:38 pm

      Sip.

      Reply
  5. Mas Nady says

    April 29, 2013 at 11:09 am

    waduh.. sama nih dengan mas muro'i. saya juga belum pernah makai jomla.

    wah sobat ini menguasai semuanya ya sob, hebat dech.. 2 jempol buat sobat.

    Reply
    • chiaki says

      April 30, 2013 at 3:07 am

      Cuma coba2. :v

      Reply
  6. fnv ilham says

    April 29, 2013 at 12:06 pm

    Mantab kang, pass, q lagi cari ini…. 😀

    Reply
    • chiaki says

      April 30, 2013 at 3:07 am

      Sip. Semoga bermanfaat.

      Reply
  7. Abed Saragih says

    April 29, 2013 at 12:26 pm

    Kalau joomla belum pernah menjelajahnya,baru WP dan blogspot sob.

    Reply
  8. budi os 19 says

    April 29, 2013 at 12:37 pm

    berkunjung dan hanya bisa nyimak aja nih sob..hehe 🙂

    Reply
  9. budi os 19 says

    April 29, 2013 at 12:37 pm

    berkunjung dan hanya bisa nyimak aja nih sob..hehe 🙂

    Reply
  10. masaemun says

    April 29, 2013 at 3:44 pm

    Nice info gan. Thanks ya udah share..

    Reply
  11. Taufik Hamzah says

    October 4, 2013 at 10:10 am

    om link nya mati -_-, perbaikin dong

    Reply
  12. Dante Yukihiro says

    October 23, 2013 at 10:10 am

    Global Configuration udah kagak ada om, izin lewat 😀

    Reply
  13. Anonim says

    June 8, 2014 at 9:43 pm

    When someone writes an article he/she maintains the plan of a user in his/her brain that how a user can know it.
    So that's why this article is great. Thanks!

    My weblog; off cancer

    Reply
  14. Anonim says

    June 19, 2014 at 4:32 am

    It's actually a nice and useful piece of info.

    I am satisfied that you shared this useful information with us.
    Please keep us up to date like this. Thank you for sharing.

    Visit my website … weight-loss diet

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Post

Cara Mudah Hack cPanel dengan Fitur Reset Password

Exploit WordPress Ajax Load More PHP Upload Vulnerability

Woocommerce Custom Tshirt Desginer CSRF Shell Upload Vulnerability

Deface WordPress dengan Exploit WordPress TheLoft Theme Arbitrary File Download Vulnerability

Exploit WPStore Themes Upload Vulnerability

Heroku Custom Domain or Subdomain Takeover

WordPress Army Knife CSRF File Upload Vulnerability

Prestashop Module Blocktestimonial File Upload Auto Exploit

WordPress Fraction Theme Version 1.1.1 Privilege Escalation

Azure Traffic Manager Custom Domain or Subdomain Takeover

LinuxSec / 87 queries in 0.24 seconds