# Exploit Title:Upload Vulnerability in com_djclassifieds # Version: Web Application # vendor :http://dj-extensions.com/ # Date: 2 apr,2010 # Dork:inurl:com_djclassifieds # Author:Sid3^effects # Code : ############################################################################ ooooo .oooooo. oooooo oooooo oooo `888' d8P' `Y8b `888. `888. .8' 888 888 `888. .8888. .8' 888 888 `888 .8'`888. .8' 888 888 `888.8' `888.8' 888 `88b ooo `888' `888' o888o `Y8bood8P' `8' `8' -------------------------------------------------------------------------------------- #####################Sid3^effects aKa HaRi################################## #Greetz to all Andhra Hackers and ICW Memebers[Indian Cyber Warriors] #Thanks:*L0rd ÇrusAdêr*,d4rk-blu™®,R45C4L idi0th4ck3r,CR4C|< 008,M4n0j,MaYuR #ShouTZ:kedar,dec0d3r,41.w4r10r #Catch us at www.andhrahackers.com or www.teamicw.in ############################################################################ Description : The DJ-Classifieds extension allows you to add text advertisements into thematic categories, assigning images and descriptions to them. You can also allow users to add their own advertisements at your website with possibility to charge users for it (paypal). Features: free and paid classifieds menu module items module search module ############################################################################ Xploit : Upload Vulnerability STEP 1 : Register first :) STEP 2 : Goto "Add classifieds"option. STEP 3 : The attacker either upload a shell by changing the extension of the shell to .img,.gif or.bmp. The description part is also vulnerable. By uploading the evil script succesfully one can attack. :) DEMO URL : http://templates.design-joomla.eu/jm-classifieds/index.php Once uploaded you can check your classifieds :P DEMO URL: http://templates.design-joomla.eu/jm-classifieds/index.php?option=com_djclassifieds&view=showitem&cid=6&id=29&Itemid=1 ############################################################################ #Sid3^effects