22/08/2012, 22:02
|
المشاركة رقم: 1
|
| المعلومات |
| الكاتب: |
|
| اللقب: |
عـضـــو كسول |
| الصورة الرمزية |
|
|
| البيانات |
| التسجيل : |
Nov 2010 |
| العضوية : |
787 |
| الاهتمامات : |
|
| الإقامة : |
|
| المواضيع : |
71385 |
| الردود : |
-1 |
| المجموع : |
71,384 |
| بمعدل : |
12.67 يوميا |
| الاختراقات : |
[] |
| مجتمعنا : |
[] |
| الصنف : |
Not Hacker |
| آخر تواجد : |
13/11/2010/22:11 |
| سبب الغياب : |
|
| معدل التقييم: |
87 |
| نقاط التقييم: |
12 |
شكراً: 0
تم شكره 79 مرة في 78 مشاركة
| الإتصالات |
| الحالة: |
|
| وسائل الإتصال: |
|
|
[webapps / 0day] - Joomla Component joomgalaxy v1.2.0.5 Remote File Upload
كود:
Exploit Title: Joomgalaxy Remote File Upload v1.2.0.5
dork: inurl:com_joomgalaxy
Date: [21-08-2012]
Author: Daniel Barragan "D4NB4R"
Twitter: @D4NB4R
site: http://poisonsecurity.wordpress.com/
Vendor: http://www.joomgalaxy.com/
Version: 1.2.0.5 (last update on Aug 21, 2012)
License: Commercial $ 149 us
Demo: http://joomgalaxy.com/demo/
Tested on: [Linux(bt5)-Windows(7ultimate)]
Descripcion:
Joomgalaxy is a rich, comprehensive directory component brimming with unique features like Entry comparison, Pay per download, Tagging, Email Cloaking, Review and Rating with Multiple Attributes, add Articles to Entries, with many more plus all standard directory features as well.
Comentario:
Al igual que en la version anterior 1.2.0.4 la cual tambien le encontre vulnerabilidades hace menos de 2 meses parece ser que solo arreglaron el upload y la sqli reportadas dejando el upload del icon sin restricciones ni validaciones
As in the previous version 1.2.0.4 which also vulnerabilities found him less than two months, it seems that only fixed the upload and sqli reported leaving the upload icon without restrictions or validations
1. Unrestricted File Upload
1a. Go to this route, Complete the form and login the site
Ingrese a esta ruta, Complete el formulario e ingrese al sitio
http://site/index.php?option=com_users&view=registration
1b. go to the following link and create a new post, then go to input icon and upload your shell as follows shell.php
vaya a este enlace cree un nuevo anuncio luego vaya al input del icon y suba su shell de la de la siguiente manera shell.php
http://site/index.php?option=com_joomgalaxy&view=addentry
1c. once the post is published go to the tab images and upload your shell in the following way: shell.php
Una vez subida la shell busquela en el siguiente path
http://site//administrator/components/com_joomgalaxy/assets/images/entry_manager/1345590149_icon_shell.php
_____________________________________________________
Daniel Barragan "D4NB4R" 2012
# [2012-08-22]
آخر مواضيع » ADMINISTRATOR |
|
|
التعديل الأخير تم بواسطة yasMouh ; 23/08/2012 الساعة 23:52
|
|
|