facebook facebook twitter rss

Joomla - com_hdflvplayer Configuration File Disclosure

Author: bRpsd , Published: 29-12-2014
Title ==> Joomla - com_hdflvplayer Configuration File Disclosure
Script ==> Joomla
Component ==> com_hdflvplayer
Author ==> bRpsd
Skype ==> vegnox

Ok ,This exploit can be done manually , But i made a tool instead to make your dream come true! :D
And to make it easier exploiting online.


All what you have to do is entering the target In the box, And it will give you the server response in 1 second.
URL Must be entered in as 'http://www.example.com' or 'https://www.example.com'
Else , It wont work.
Once you enter the URL , The 'Configuration' File will be right in your hand.
Exploit the Information via FTP or /administrator panel.
You can upload your shell via 'FTP' or 'Joomla Admin Panel'

Tool :
http://linux.net.tr/wp-content/rock.fbi

Dorks:
inurl:index.php?option=com_hdflvplayer
inurl:/components/com_hdflvplayer/

Just as always,
Demo of vulnerable websites are included for testing ;
http://wsw.vssc.gov.in/
http://tourism.gov.tm/
http://health.gov.ly/


Enjoy Fellows!
Thank me by taking down websites whose offend islam (;

Like us on Facebook :