Joomla Component com_foxcontact Arbitrary File Upload

Tuesday, 12 December 2017

Joomla Component com_foxcontact Arbitrary File Upload

https://cxsecurity.com/issue/WLB-2016050072

Auto Exploiter

(Shell Upload, Auto Deface, and Auto Submit Zone -H)

Coded by: L0c4lh34rtz - IndoXploit

********************************

Link Tools: https://pastebin.com/EAtSir5V

********************************

1. Siapkan sebuah list target dalam sebuah file (target.txt), yang isinya seperti contoh berikut:

http://target.com/index.php/contact

http://target.com/index.php/contact-us

2. Langsung saja jalankan toolsnya:

php fox.php target.txt

3. Jangan lupa selalu perhatikan perintah dalam scriptnya, untuk mengganti hal-hal yang diperlukan.

4. Result otomatis disimpan dalam file result_foxcontact.txt

Oke sekian dulu :D

Dhika said...: index.htm nya bisa di ganti jadi shell ga gan?; 12/12/2017 6:40 pm
Unknown said...: ehh salah komen, itu list target maksud nya gimna ya gan?; 12/12/2017 7:58 pm
Anonymous said...: di coba aja gan, bagian preg_match nya juga ganti kalo mau diganti shell; 12/13/2017 1:22 am
Anonymous said...: ya simpen target nya di file target.txt; 12/13/2017 1:22 am
Anonymous said...: good job; 1/09/2018 10:15 pm
Anonymous said...: problem
!! File index.htm tidak ditemukan !!
??; 1/09/2018 10:19 pm
Unknown said...: It's not working bro; 2/18/2018 8:59 am

Tuesday, 12 December 2017