Joomla! Component com_jfuploader < 2.12 - Arbitrary File Upload

• Exploit Database
• 158 阅读

• 作者： Setr0nix
  日期： 2010-10-30
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/15353/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22

  ========================================================================================================= [#]Type: Joomla Component com_jfuploader < 2.12 Remote File Upload [#]Author: Setr0nix [#]Home: www.Setr0nix.com [#]Contact : Admin@Setr0nix.com =========================================================================================================   [#]Exploit : 1. Register 2. http://127.0.0.1/index.php?option=com_jfuploader&Itemid=[Itemid] 3. Download One gif Image ( Example : http://www.google.com/images/logo.gif ) 4. Open logo.gif In Notepad++ And Got to Last Line 5. Copy And Past You PHP Code After The Last Line ( Don&apos;t Delete Any Thing Of Image Code ) 6. Save It , Ctrl + S 7. Rename logo.gif To logo.php.gif And Upload It From com_jfuploader 8. To Run Your Uploaded File Go To This Link : http://127.0.0.1/files/YourUsername/logo.php.gif ========================================================================================================= [#]S T T : All Iranian Hackers , Offensive Security , Inj3ct0r , SecurityReason =========================================================================================================