Joomla OS Property 2.0.2 Shell Upload Vulnerability | Reaperz

Thursday, 26 July 2012

Joomla OS Property 2.0.2 Shell Upload Vulnerability

By: Afif 08:19 Deface, Exploits 2 comments

Assalamualaikum dan salam sejahtera.Dah lama tak buat entry baru.hehe sorry.sebelum tu aku nak mengucapkan selamat menyambut Ramadan Al-Mubarak buat semua umat islam :)

Ok entry kali ini aku nak share exploit joomla main upload2.hahah jom.

1. Mula-mula search google dork :

inurl:com_osproperty

inurl:/component/osproperty/

2. Pilih salah satu dari result.
Kemudian pergi ke link macam ni :
http://site/index.php/component/osproperty/?task=agent_register

3. Seterusnya akan keluar satu borang/form.

Rujuk gambar :

isi semua tempat kosong/form tu.

Dan kemudian dekat PHOTO choose file dan ambil shell.php atau shell.php.jpg korang.
note : kalau korang nak upload file .html pun bole :)

4. Kemudian untuk tengok hasil shell korang,pergi ke salah satu link ni :

http://site/index.php/component/osproperty/?task=agent_default

Kemudian click Account Information.tengok bahagian Photo.right click > open image.

Shell korang akan jadi macam ni :
http://site/index.php/images/com_osproperty/agent/randomid_shell.php

note : randomid tu macam code2 random yang akan diberi oleh website tu.dia automatik rename shell korang.

Hasil :
http://www.erlo.lu/smiles.html
http://www.erlo.lu/images/osproperty/agent/1343316520_smiles.html
Bukti dara : http://www.zone-h.org/mirror/id/18143286
Live target :

http://www.erlo.lu/index.php/en/component/osproperty/?task=agent_register

http://uniquepropertyservices.co.uk/index.php/component/osproperty/?task=agent_register

5. Done! selamat berjaya :)

Assalamualaikum.

Share:

2 comments:

Defacer PhantomCrews26 July 2012 at 23:22
http://www.erlo.lu/ index trus
ReplyDelete
Replies
Afif27 July 2012 at 05:13
hehe mantap :D
ReplyDelete
Replies

Subscribe to: Post Comments (Atom)

© 2011 - Reaperz All rights reserved | Theme Designed by Seo Blogger Templates