• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

LinuxSec Exploit

Nothing is Ever Locked

  • XSS Payloads
  • About Us

Joomla Simple Photo Gallery – Arbitrary File Upload Vulnerability

March 17, 2015 by Jack Wilder 2 Comments

Kali ini saya mau share exploit terhadap CMS Joomla yang beberapa hari yang lalu di share di 1337day. Yaitu  Joomla Simple Photo Gallery – Arbitrary File Upload Vulnerability. Author dari Exploit ini adalah CrashBandicot. Thanks bro 😀 !
Oke langsung saja.
Google dork : use your brain bitch !!
Victim : /administrator/components/com_simplephotogallery/lib/uploadFile.php
HTML Exploit :
Download Here

Masih bingung ?
Oke saya jelaskan.
Anggap saja kalian sudah dapat target.

Buka dan edit file html exploiter nya dengan editor.
Ganti url nya dengan url target.

Buka file html tadi lewat browser dan upload shell lewat uploader disitu.

Shell nya ada di http://localhost/shell_[jembut].php

Dorr !!

Sekian tutorial kali ini 😀

Filed Under: Uncategorized Tagged With: Deface, Exploit

Reader Interactions

Comments

  1. Anonim says

    March 17, 2015 at 12:27 pm

    "Think like an exploiters 😉 "
    Bacot lu tinggi, mana exploit buatan lu. lamer

    Reply
  2. chiaki says

    March 17, 2015 at 12:40 pm

    kok anonim ? takut ?

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Post

Reverse Shell From Local File Inclusion Exploit

Cara Deface dengan Exploit Slims CMS Senayan Arbitrary File Upload Vulnerability

Readme.io Custom Domain or Subdomain Takeover

DNS Hijacking through Social Engineering

WordPress Army Knife CSRF File Upload Vulnerability

Prestashop Module Blocktestimonial File Upload Auto Exploit

Open Redirect Bypass Cheat Sheet

Deface WordPress Dengan Exploit Archin WordPress Theme 3.2 Unauthenticated Configuration Access Vulnerability

Download 1n73ct10n / 1n73ction Privat Web Shell by X’1N73CT

Tutorial Deface Menutup Halaman Depan Situs Target dengan JS Overlay

LinuxSec / 16 queries in 0.12 seconds